GISBSender Class

Properties Methods Events Config Settings Errors

The GISBSender class implements an GISB / EDM client.

Syntax

ipworksedi.GISBSender

Remarks

The GISBSender component is used to send EDI or other documents using the GISB (Gas Industry Standards Board) / NAESB (North American Energy Standards Board) EDM (Electronic Delivery Mechanism) protocol.

When sending an EDI message, the client should specify, at a minimum, DataFrom, DataTo, URL, Data, and EDIType. The Post method should then be invoked.

Basic Features: GISB Versions 1.4 and above

Security is provided via the use of PGP. If you want to sign and/or encrypt your message set the SignData and EncryptData properties to true. The class does not itself implement PGP, instead it uses a

The following table defines possible values that may be passed to the SetPGPParam.


homedir	The directory containing the public keyring, secret keyring and trust database. Please note this defaults to the application preferences directory of the user, hence if the GNUPG provider is being used from a ASP.NET application, homedir should be specified.
passphrase	The passphrase to access the secret keys in the secret-keyring.
userid	The identifier used to identify a secret key within the secret-keyring. Note: When decrypting if this value is not specified the class will attempt to find the key within the keyring automatically based on information available in the PGP message itself.
recipient-userid	The identifier used to identify a public key within the public keyring. Note: When verifying a signature if this value is not specified the class will attempt to find the key within the keyring automatically based on information available in the PGP message itself.
timeout	The timeout in milliseconds that the provider will wait for a response from the OpenPGP executable. The default is 5000 (5 seconds).
usetempfile	If set to "true" the provider will write data to be processed to a temporary file on disk. This is useful when working with large files or binary files.
signingalgorithm	The signing algorithm to use when SignData is True. Possible values are: SHA1 MD5 SHA256 (default) SHA384 SHA512 SHA224 RIPEMD160
encryptingalgorithm	The encrypting algorithm to use when EncryptData is True. Possible values are: CAST5 3DES AES256 AES192 AES128 (default) BLOWFISH TWOFISH IDEA
compressionmethod	The compression method to use. Possible values are: zip (default) zlib bzip2 none

to allow you to process the PGP data with a library of your choice.

TLS/SSL will also be used if the scheme in URL is "https". In case your trading partner is using a self-signed certificate you may set SSLAcceptServerCert or trap the SSLServerAuthentication event to accept the certificate.

After you Post the server will issue a brief reply. If the server indicates some sort of an error an exception will be thrown. However, the absence of an error message does not necessarily mean that the server was able to read the EDI data. The server may attempt to process the data after closing the connection; if it finds an error it might send a separate error notification which may be processed by the GISBReceiver component.

Extended Security Options: NAESB Version 1.6

Version 1.6 of the NAESB/GISB protocol includes extensions to allow additional security. Like the AS2 protocol, version 1.6 allows for the use of receipts.

To request a receipt, set the ReceiptTo property. The ReceiptType and ReceiptSecurity properties may be used to customize the receipt request; by default, the class will request a GISB-Acknowledgement-Receipt signed over an SHA-1 hash. The receipt will be returned in the HTTP reply, and will automatically be verified by the class.

Property List

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.


Cookies	A collection of cookies.
DataElements	Collection of extra data elements for the outgoing request.
DataFrom	The identity of the sending system.
DataTo	The identity of the receiving system.
EncryptData	Whether or not to encrypt the data.
Firewall	A set of properties related to firewall access.
GISBData	The EDI Payload of the message.
GISBVersion	The version of GISB/NAESB being used.
LocalHost	The name of the local host or user-assigned IP interface through which connections are initiated or accepted.
LogDirectory	The path to a directory for logging.
LogFile	The log file written.
Proxy	A set of properties related to proxy access.
PublicKeyringData	Public keyring data.
ReceiptSecurity	[1.6] Used to indicate the security options requested for the receipt.
ReceiptSigningProtocol	[1.6] Indicates the protocol used to sign the receipt.
ReceiptTo	[1.6] Used to request a receipt.
ReceiptType	[1.6] The type of receipt requested.
ReplyHeaders	The HTTP headers provided for the Response .
RequestStatus	The status of the request.
ResponseContent	The response returned from the server.
SecretKeyringData	Secret keyring data.
SignData	Whether or not to sign the data.
SSLAcceptServerCert	Instructs the class to unconditionally accept the server certificate that matches the supplied certificate.
SSLCert	The certificate to be used during Secure Sockets Layer (SSL) negotiation.
SSLProvider	The Secure Sockets Layer/Transport Layer Security (SSL/TLS) implementation to use.
SSLServerCert	The server certificate for the last established connection.
Subject	The subject of the message.
Timeout	The timeout for the class.
TransactionId	The transaction ID of the message.
URL	The URL to post to.
UserAgent	Information about the user agent.

Method List

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.


Config	Sets or retrieves a configuration setting.
DoEvents	This method processes events from the internal message queue.
Post	Post data to the server, and check the receipt.
Reset	Resets the state of the control.
SetPGPParam	Sets a parameter in the PGP provider.
SetUploadStream	Sets the stream to be uploaded to the server.

Event List

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.


Connected	Fired immediately after a connection completes (or fails).
Disconnected	Fired when a connection is closed.
EndTransfer	Fired when a document finishes transferring.
Error	Fired when information is available about errors during data delivery.
Header	Fired every time a header line comes in.
Log	Fired with log information while processing a message.
SetCookie	Fired for every cookie set by the server.
SSLServerAuthentication	Fired after the server presents its certificate to the client.
SSLStatus	Fired when secure connection progress messages are available.
StartTransfer	Fired when a document starts transferring (after the headers).
Transfer	Fired while a document transfers (delivers document).

Config Settings

The following is a list of config settings for the class with short descriptions. Click on the links for further details.


AllowOldPacketType	Whether to allow the older encrypted packet type.
Authorization	The Authorization string to be sent to the server.
AuthScheme	The authorization scheme to be used when server authorization is to be performed.
ForceV3Signature	Whether to use v3 signatures.
LogFilename	The base name of the log file.
LogLevel	Specifies the level of detail that is logged.
Password	A password if authentication is to be used.
PGPCombineSignAndEncrypt	Whether to sign and encrypt in a single step or not.
User	A user name if authentication is to be used.
BuildInfo	Information about the product's build.
GUIAvailable	Whether or not a message loop is available for processing events.
LicenseInfo	Information about the current license.
MaskSensitiveData	Whether sensitive data is masked in log messages.
UseDaemonThreads	Whether threads created by the class are daemon threads.
UseFIPSCompliantAPI	Tells the class whether or not to use FIPS certified APIs.
UseInternalSecurityAPI	Whether or not to use the system security libraries or an internal implementation.

Cookies Property (GISBSender Class)

A collection of cookies.

Syntax

public HTTPCookieList getCookies();
public void setCookies(HTTPCookieList cookies);

Remarks

This property contains a collection of cookies. To add cookies to outgoing HTTP requests, add cookies (of type HTTPCookie) to this collection.

To see cookies that are set by the server, use the SetCookie event, which displays the cookies and their properties as set by the server. Those cookies also are added to Cookies.

MaxHTTPCookies can be used to control the maximum number of cookies saved.

This collection is indexed from 0 to size -1.

This property is not available at design time.

Please refer to the HTTPCookie type for a complete list of fields.

DataElements Property (GISBSender Class)

Collection of extra data elements for the outgoing request.

Syntax

public GISBElementList getDataElements();
public void setDataElements(GISBElementList dataElements);

Remarks

When you Post to the server the data elements in DataElements will be added to the standard data elements and included with the request.

The following data elements are configured using the appropriate properties, will be added automatically by the class, and should not be included in DataElements:

from, to, receipt-disposition-to, receipt-report-type, input-format, input-data, receipt-security-selection.

This property is not available at design time.

Please refer to the GISBElement type for a complete list of fields.

DataFrom Property (GISBSender Class)

The identity of the sending system.

Syntax

public String getDataFrom();
public void setDataFrom(String dataFrom);

Default Value

Remarks

Will generally be the DUNS number of the sending trading partner. Required.

DataTo Property (GISBSender Class)

The identity of the receiving system.

Syntax

public String getDataTo();
public void setDataTo(String dataTo);

Default Value

Remarks

Will generally be the DUNS number of the receiving trading partner. Required.

EncryptData Property (GISBSender Class)

Whether or not to encrypt the data.

Syntax

public boolean isEncryptData();
public void setEncryptData(boolean encryptData);

Default Value

False

Remarks

If true, then the data will be encrypted before sending to the server.

Firewall Property (GISBSender Class)

A set of properties related to firewall access.

Syntax

public Firewall getFirewall();
public void setFirewall(Firewall firewall);

Remarks

This is a Firewall-type property, which contains fields describing the firewall through which the class will attempt to connect.

Please refer to the Firewall type for a complete list of fields.

GISBData Property (GISBSender Class)

The EDI Payload of the message.

Syntax

public GISBData getGISBData();
public void setGISBData(GISBData GISBData);

Remarks

The EDI Payload of the message.

This property is not available at design time.

Please refer to the GISBData type for a complete list of fields.

GISBVersion Property (GISBSender Class)

The version of GISB/NAESB being used.

Syntax

public String getGISBVersion();
public void setGISBVersion(String GISBVersion);

Default Value

"1.6"

Remarks

The version of the GISB/NAESB EDM being used. Supported values are "1.4", "1.6", "2.0", and "2.1". Note that requesting a receipt is only supported in version 1.6 and up.

LocalHost Property (GISBSender Class)

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

Syntax

public String getLocalHost();
public void setLocalHost(String localHost);

Default Value

Remarks

This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.

If the class is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).

Note: LocalHost is not persistent. You must always set it in code, and never in the property window.

This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

Note: LocalHost is not persistent. You must always set it in code, and never in the property window.

LogDirectory Property (GISBSender Class)

The path to a directory for logging.

Syntax

public String getLogDirectory();
public void setLogDirectory(String logDirectory);

Default Value

Remarks

Setting LogDirectory will instruct the component to log the details of each transmission to unique files in the specified directory. For each request processed, the class will log the original EDI data, the complete text of the outgoing request and the incoming response.

The class will write a single file for each transmission, with extension ".log". In case of error an additional file will be written with extension ".err", and the error will be reported in both files.

The filenames will be chosen automatically by the class. Each filename will be the system time, in the format YYYY-MM-DD-HH-MM-SS-MMMM, with extensions "-2", "-3", used in case files of those names already exist. After each transaction is processed LogFile will contain the name of the files just written, minus the extension ".log" or ".err".

If logs cannot be written an exception will be thrown.

LogFile Property (GISBSender Class)

The log file written.

Syntax

public String getLogFile();

Default Value

Remarks

In case LogDirectory is specified a log file will be written in the specified directory and LogFile will contain the path. A diagnostic log will be written with filename LogFile + ".log", and in case of error, an additional file will be written with filename LogFile + ".dat".

This property is read-only.

Proxy Property (GISBSender Class)

A set of properties related to proxy access.

Syntax

public Proxy getProxy();
public void setProxy(Proxy proxy);

Remarks

This property contains fields describing the proxy through which the class will attempt to connect.

Please refer to the Proxy type for a complete list of fields.

PublicKeyringData Property (GISBSender Class)

Public keyring data.

Syntax

public byte[] getPublicKeyringData();
public void setPublicKeyringData(byte[] publicKeyringData);

Default Value

Remarks

This property allows the public keyring data to be specific in the form of a byte array. Use this in conjunction with SecretKeyringData and the keyring will be loaded from this data instead of the homedir.

ReceiptSecurity Property (GISBSender Class)

[1.6] Used to indicate the security options requested for the receipt.

Syntax

public String getReceiptSecurity();
public void setReceiptSecurity(String receiptSecurity);

Default Value

"signed-receipt-protocol=optional, pgp-signature; signed-receipt-micalg=optional, sha1, md5"

Remarks

Only supported for Version 1.6.

By default, the class will request that the receipt be signed with a PGP signature over an SHA1 or MD5 hash (if these algorithms are supported by the server).

Set ReceiptSecurity to an empty string to request an unsigned receipt.

The string format is that of the Disposition-notification-options HTTP header, as specified in RFC 3335.

ReceiptSigningProtocol Property (GISBSender Class)

[1.6] Indicates the protocol used to sign the receipt.

Syntax

public String getReceiptSigningProtocol();

Default Value

Remarks

Only supported for Version 1.6.

This property will be populated after a receipt is received from the server and validated. It will contain the MIME type of the signature used, if any (i.e., "application/pgp-signature"). It will contain an empty string if the receipt is unsigned.

This property is read-only.

ReceiptTo Property (GISBSender Class)

[1.6] Used to request a receipt.

Syntax

public String getReceiptTo();
public void setReceiptTo(String receiptTo);

Default Value

Remarks

Only supported for Version 1.6.

If this property is set, a Receipt-Notification-To form variable will be added to the request, and a receipt will be requested. Generally this should be the same as DataFrom.

By default, the class will request a GISB-Acknowledgement-Receipt, signed with PGP and delivered synchronously in the HTTP reply. You may set ReceiptSecurity to request a different type of signature, or no signature at all.

ReceiptType Property (GISBSender Class)

[1.6] The type of receipt requested.

Syntax

public String getReceiptType();
public void setReceiptType(String receiptType);

Default Value

"gisb-acknowledgement-receipt"

Remarks

Only supported for Version 1.6.

If ReceiptTo is set, the class will request a receipt of the indicated type. Note that the only type of receipt readable by the class is a gisb-acknowledgement-receipt, and only if using version 1.6 of the GISB/NAESB protocol.

The security settings for the receipt (signed or unsigned) may be configured by setting ReceiptSecurity.

ReplyHeaders Property (GISBSender Class)

The HTTP headers provided for the Response .

Syntax

public String getReplyHeaders();

Default Value

Remarks

The HTTP headers provided for the Response.

This property is read-only.

RequestStatus Property (GISBSender Class)

The status of the request.

Syntax

public String getRequestStatus();

Default Value

"ok"

Remarks

RequestStatus will be determined from the server response after a Post. If the request status is anything other than "ok" the class will throw an exception. Note that servers are not required to process data immediately, and a RequestStatus of "ok" is not a guarantee that the server was able to process your data.

The following is the complete list of error codes defined by the GISB 1.4 and NAESB 1.6 specifications.

The following is the complete list of error codes defined by the GISB 1.4 and NAESB 1.6 specification. Error codes only defined in version 1.6 are notated with "1.6" below, and errors that will be detected and reported automatically by the GISBReceiver class are indicated with an asterisk.

The following is the complete list of error codes defined by the GISB 1.4 specification.

EEDM100*: Missing From Common Code Identifier Code

EEDM101*: Missing To Common Code Identifier Code

EEDM102*: Missing Input Format

EEDM103*: Missing Data File

EEDM104: Missing Transaction Set

EEDM105: Invalid From Common Code Identifier

EEDM106: Invalid To Common Code Identifier

EEDM107: Invalid Input Format

EEDM108: Invalid Transaction Set

EEDM109: No Parameters Supplied

EEDM110: (1.6) Invalid "version"

EEDM111: (1.6) Missing "version"

EEDM112: (1.6) "receipt-security-selection" not mutually agreed

EEDM113*: (1.6) Invalid "receipt-security-selection"

EEDM114: (1.6) Missing "receipt-disposition-to"

EEDM115: (1.6) Invalid "receipt-disposition-to"

EEDM116: (1.6) Missing "receipt-report-type"

EEDM117: (1.6) Invalid "receipt-report-type"

EEDM118: (1.6) Missing "receipt-security-selection"

EEDM119: (1.6) Mutually agreed element, refnum, not present

EEDM601: Public Key Invalid

EEDM602: File Not Encrypted

EEDM603: Encrypted File Truncated

EEDM604*: Encrypted File Not Signed Or Signature Not Matched

EEDM699: Decryption Error

EEDM701: EDM Party Not Associated With EDI Party

EEDM702: Data Structure Error

EEDM703: Data Set Exchange Not Established For Trading Partner

EEDM999: System Error

WEDM100: Transaction Set Sent Not Mutually Agreed

WEDM102: (1.6) "receipt-security-selection" not mutually agreed

WEDM103: (1.6) Missing "receipt-security-selection"

WEDM104: (1.6) Element refnum received; not mutually agreed; ignored

This property is read-only.

ResponseContent Property (GISBSender Class)

The response returned from the server.

Syntax

public byte[] getResponseContent();

Default Value

Remarks

This property will be populated after a response is received from the server. If a receipt was requested this property will contain the receipt; otherwise this property will contain at least a small bit of HTML describing whether or not the transmission succeeded.

In case the receipt was signed, ResponseContent will contain the unsigned receipt, together with its MIME headers.

Note that if a signature was requested but an unsigned receipt is received the class will throw an exception.

This property is read-only.

SecretKeyringData Property (GISBSender Class)

Secret keyring data.

Syntax

public byte[] getSecretKeyringData();
public void setSecretKeyringData(byte[] secretKeyringData);

Default Value

Remarks

This property allows the secret keyring data to be specific in the form of a byte array. Use this in conjunction with PublicKeyringData and the keyring will be loaded from this data instead of the homedir.

SignData Property (GISBSender Class)

Whether or not to sign the data.

Syntax

public boolean isSignData();
public void setSignData(boolean signData);

Default Value

False

Remarks

If true, then the data will be signed before sending to the server.

SSLAcceptServerCert Property (GISBSender Class)

Instructs the class to unconditionally accept the server certificate that matches the supplied certificate.

Syntax

public Certificate getSSLAcceptServerCert();
public void setSSLAcceptServerCert(Certificate SSLAcceptServerCert);

Remarks

If it finds any issues with the certificate presented by the server, the class will normally terminate the connection with an error.

You may override this behavior by supplying a value for SSLAcceptServerCert. If the certificate supplied in SSLAcceptServerCert is the same as the certificate presented by the server, then the server certificate is accepted unconditionally, and the connection will continue normally.

Note: This functionality is provided only for cases in which you otherwise know that you are communicating with the right server. If used improperly, this property may create a security breach. Use it at your own risk.

Please refer to the Certificate type for a complete list of fields.

SSLCert Property (GISBSender Class)

The certificate to be used during Secure Sockets Layer (SSL) negotiation.

Syntax

public Certificate getSSLCert();
public void setSSLCert(Certificate SSLCert);

Remarks

This property includes the digital certificate that the class will use during SSL negotiation. Set this property to a valid certificate before starting SSL negotiation. To set a certificate, you may set the Encoded field to the encoded certificate. To select a certificate, use the store and subject fields.

Please refer to the Certificate type for a complete list of fields.

SSLProvider Property (GISBSender Class)

The Secure Sockets Layer/Transport Layer Security (SSL/TLS) implementation to use.

Syntax

public int getSSLProvider();
public void setSSLProvider(int SSLProvider);

Enumerated values:
  public final static int sslpAutomatic = 0;
  public final static int sslpPlatform = 1;
  public final static int sslpInternal = 2;

Default Value

Remarks

This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic), the class will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.

Possible values are as follows:


0 (sslpAutomatic - default)	Automatically selects the appropriate implementation.
1 (sslpPlatform)	Uses the platform/system implementation.
2 (sslpInternal)	Uses the internal implementation.

Additional Notes

In most cases using the default value (Automatic) is recommended. The class will select a provider depending on the current platform.

When Automatic is selected, the platform implementation is used by default. When TLS 1.3 is enabled via SSLEnabledProtocols, the internal implementation is used.

SSLServerCert Property (GISBSender Class)

The server certificate for the last established connection.

Syntax

public Certificate getSSLServerCert();

Remarks

This property contains the server certificate for the last established connection.

SSLServerCert is reset every time a new connection is attempted.

This property is read-only.

Please refer to the Certificate type for a complete list of fields.

Subject Property (GISBSender Class)

The subject of the message.

Syntax

public String getSubject();
public void setSubject(String subject);

Default Value

Remarks

The optional human-readable subject of the message.

Timeout Property (GISBSender Class)

The timeout for the class.

Syntax

public int getTimeout();
public void setTimeout(int timeout);

Default Value

Remarks

If the Timeout property is set to 0, all operations will run uninterrupted until successful completion or an error condition is encountered.

If Timeout is set to a positive value, the class will wait for the operation to complete before returning control.

The class will use DoEvents to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not freeze and remains responsive.

If Timeout expires, and the operation is not yet complete, the class throws an exception.

Note: By default, all timeouts are inactivity timeouts, that is, the timeout period is extended by Timeout seconds when any amount of data is successfully sent or received.

The default value for the Timeout property is 60 seconds.

TransactionId Property (GISBSender Class)

The transaction ID of the message.

Syntax

public String getTransactionId();

Default Value

Remarks

A unique ID for the transaction. In GISB the TransactionId will be generated by the server, so this property will be populated whenever you receive a response from the server.

This property is read-only.

URL Property (GISBSender Class)

The URL to post to.

Syntax

public String getURL();
public void setURL(String URL);

Default Value

Remarks

SSL will be used if and only if the URL scheme is "https". Note that generally signed, unencrypted messages would be sent using SSL, as encrypting the message would be redundant.

UserAgent Property (GISBSender Class)

Information about the user agent.

Syntax

public String getUserAgent();
public void setUserAgent(String userAgent);

Default Value

"IPWorks EDI GISBSender Component - www.nsoftware.com"

Remarks

Override the default with the name and version of your software.

Config Method (GISBSender Class)

Sets or retrieves a configuration setting.

Syntax

public String config(String configurationString);

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

DoEvents Method (GISBSender Class)

This method processes events from the internal message queue.

Syntax

public void doEvents();

Remarks

When DoEvents is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.

Post Method (GISBSender Class)

Post data to the server, and check the receipt.

Syntax

public void post();

Remarks

Post will generate the request and post it to the server. The reply will be checked; if a receipt was requested it will be validated, and any response will be checked for error messages.

Reset Method (GISBSender Class)

Resets the state of the control.

Syntax

public void reset();

Remarks

Resets all HTTP headers as well as EDIData, etc. After invoking this method the class may be reused as if it were newly created.

SetPGPParam Method (GISBSender Class)

Sets a parameter in the PGP provider.

Syntax

public void setPGPParam(String name, String value);

Remarks

Invoke SetPGPParam to set parameters of your PGP provider. Please refer to the documentation provided with the PGP provider for the parameters required.

The following table defines possible values that may be passed to the SetPGPParam.


homedir	The directory containing the public keyring, secret keyring and trust database. Please note this defaults to the application preferences directory of the user, hence if the GNUPG provider is being used from a ASP.NET application, homedir should be specified.
passphrase	The passphrase to access the secret keys in the secret-keyring.
userid	The identifier used to identify a secret key within the secret-keyring. Note: When decrypting if this value is not specified the class will attempt to find the key within the keyring automatically based on information available in the PGP message itself.
recipient-userid	The identifier used to identify a public key within the public keyring. Note: When verifying a signature if this value is not specified the class will attempt to find the key within the keyring automatically based on information available in the PGP message itself.
timeout	The timeout in milliseconds that the provider will wait for a response from the OpenPGP executable. The default is 5000 (5 seconds).
usetempfile	If set to "true" the provider will write data to be processed to a temporary file on disk. This is useful when working with large files or binary files.
signingalgorithm	The signing algorithm to use when SignData is True. Possible values are: SHA1 MD5 SHA256 (default) SHA384 SHA512 SHA224 RIPEMD160
encryptingalgorithm	The encrypting algorithm to use when EncryptData is True. Possible values are: CAST5 3DES AES256 AES192 AES128 (default) BLOWFISH TWOFISH IDEA
compressionmethod	The compression method to use. Possible values are: zip (default) zlib bzip2 none

SetUploadStream Method (GISBSender Class)

Sets the stream to be uploaded to the server.

Syntax

public void setUploadStream(java.io.InputStream uploadStream);

Remarks

If you specify EDIData the data will be taken from there instead. Otherwise the contents of the stream will be written to EDIData before transmission. The stream should be open and normally set to position 0.

The class will automatically close this stream if CloseStreamAfterTransfer is true (default). If the stream is closed, you will need to call SetUploadStream again before the next send.

The content of the stream will be read from the current position all the way to the end.

Connected Event (GISBSender Class)

Fired immediately after a connection completes (or fails).

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void connected(GISBSenderConnectedEvent e) {}
  ...
}

public class GISBSenderConnectedEvent {
  public int statusCode;
  public String description;
}

Remarks

If the connection is made normally, StatusCode is 0 and Description is "OK".

If the connection fails, StatusCode has the error code returned by the Transmission Control Protocol (TCP)/IP stack. Description contains a description of this code. The value of StatusCode is equal to the value of the error.

Please refer to the Error Codes section for more information.

Disconnected Event (GISBSender Class)

Fired when a connection is closed.

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void disconnected(GISBSenderDisconnectedEvent e) {}
  ...
}

public class GISBSenderDisconnectedEvent {
  public int statusCode;
  public String description;
}

Remarks

If the connection is broken normally, StatusCode is 0 and Description is "OK".

If the connection is broken for any other reason, StatusCode has the error code returned by the Transmission Control Protocol (TCP/IP) subsystem. Description contains a description of this code. The value of StatusCode is equal to the value of the TCP/IP error.

Please refer to the Error Codes section for more information.

EndTransfer Event (GISBSender Class)

Fired when a document finishes transferring.

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void endTransfer(GISBSenderEndTransferEvent e) {}
  ...
}

public class GISBSenderEndTransferEvent {
  public int direction;
}

Remarks

This event is fired first when the client finishes sending data to the server (in a POST or PUT request) and then when the document text finishes transferring from the server to the local host.

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

Error Event (GISBSender Class)

Fired when information is available about errors during data delivery.

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void error(GISBSenderErrorEvent e) {}
  ...
}

public class GISBSenderErrorEvent {
  public int errorCode;
  public String description;
}

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the class throws an exception.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Header Event (GISBSender Class)

Fired every time a header line comes in.

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void header(GISBSenderHeaderEvent e) {}
  ...
}

public class GISBSenderHeaderEvent {
  public String field;
  public String value;
}

Remarks

The Field parameter contains the name of the HTTP header (which is the same as it is delivered). The Value parameter contains the header contents.

If the header line being retrieved is a continuation header line, then the Field parameter contains "" (empty string).

Log Event (GISBSender Class)

Fired with log information while processing a message.

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void log(GISBSenderLogEvent e) {}
  ...
}

public class GISBSenderLogEvent {
  public String logType;
  public byte[] logMessage;
}

Remarks

This event fires once for each log message generated by the class. The verbosity is controlled by the LogLevel setting.

Log messages available through this event correspond to log files written to LogDirectory. This event provides a way to obtain log messages without relying on files on disk. This event fires regardless of the value of LogDirectory (i.e. when LogDirectory is empty the event will still fire).

The LogMessage event parameter holds the raw log data.

The LogType event parameter indicates the type of log. Possible values are:


"LOG"	Information about the status of the process.
"ERR"	An error was encountered.
"DAT"	The EDI payload.
"REQ"	The raw request
"MDN"	The MDN response.
"DEBUG"	Debug information.
"DAT.INPUT"	Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.ENCRYPT"	Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.COMPRESS"	Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.SIGN"	Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DECRYPT"	Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DECOMPRESS"	Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.VERIFY"	Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DEBUG"	Debug information when processing payload. Only applicable when LogDebug is True.

SetCookie Event (GISBSender Class)

Fired for every cookie set by the server.

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void setCookie(GISBSenderSetCookieEvent e) {}
  ...
}

public class GISBSenderSetCookieEvent {
  public String name;
  public String value;
  public String expires;
  public String domain;
  public String path;
  public boolean secure;
}

Remarks

This event is fired for every Set-Cookie: header received from the HTTP server.

The Name parameter contains the name of the cookie, with the corresponding value supplied in the Value parameter.

The Expires parameter contains an expiration time for the cookie (if provided by the server). The time format used is "Weekday, DD-Mon-YY HH:MM:SS GMT". If the server does not provide an expiration time, the Expires parameter will be an empty string. In this case, the convention is to drop the cookie at the end of the session.

The Domain parameter contains a domain name to limit the cookie to (if provided by the server). If the server does not provide a domain name, the Domain parameter will be an empty string. The convention in this case is to use the server specified in the URL (URLServer) as the cookie domain.

The Path parameter contains a path name to limit the cookie to (if provided by the server). If the server does not provide a cookie path, the Path parameter will be an empty string. The convention in this case is to use the path specified in the URL (URLPath) as the cookie path.

The Secure parameter specifies whether the cookie is secure. If the value of this parameter is True, the cookie value must be submitted only through a secure (HTTPS) connection.

SSLServerAuthentication Event (GISBSender Class)

Fired after the server presents its certificate to the client.

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void SSLServerAuthentication(GISBSenderSSLServerAuthenticationEvent e) {}
  ...
}

public class GISBSenderSSLServerAuthenticationEvent {
  public byte[] certEncoded;
  public String certSubject;
  public String certIssuer;
  public String status;
  public boolean accept; //read-write
}

Remarks

This event is where the client can decide whether to continue with the connection process or not. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK").

SSLStatus Event (GISBSender Class)

Fired when secure connection progress messages are available.

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void SSLStatus(GISBSenderSSLStatusEvent e) {}
  ...
}

public class GISBSenderSSLStatusEvent {
  public String message;
}

Remarks

The event is fired for informational and logging purposes only. This event tracks the progress of the connection.

StartTransfer Event (GISBSender Class)

Fired when a document starts transferring (after the headers).

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void startTransfer(GISBSenderStartTransferEvent e) {}
  ...
}

public class GISBSenderStartTransferEvent {
  public int direction;
}

Remarks

This event is fired first when the client starts sending data to the server (in a POST or PUT request) and then when the document text starts transferring from the server to the local host.

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

Transfer Event (GISBSender Class)

Fired while a document transfers (delivers document).

Syntax

public class DefaultGISBSenderEventListener implements GISBSenderEventListener {
  ...
  public void transfer(GISBSenderTransferEvent e) {}
  ...
}

public class GISBSenderTransferEvent {
  public int direction;
  public long bytesTransferred;
  public int percentDone;
  public byte[] text;
}

Remarks

The Text parameter contains the portion of the document text being received. It is empty if data are being posted to the server.

The BytesTransferred parameter contains the number of bytes transferred in this Direction since the beginning of the document text (excluding HTTP response headers).

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

The PercentDone parameter shows the progress of the transfer in the corresponding direction. If PercentDone can not be calculated the value will be -1.

Note: Events are not re-entrant. Performing time-consuming operations within this event will prevent it from firing again in a timely manner and may affect overall performance.

Certificate Type

This is the digital certificate being used.

Remarks

This type describes the current digital certificate. The certificate may be a public or private key. The fields are used to identify or select certificates.

The following fields are available:

Fields

EffectiveDate
String (read-only)
Default Value: ""

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

ExpirationDate
String (read-only)
Default Value: ""

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

ExtendedKeyUsage
String (read-only)
Default Value: ""

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

Fingerprint
String (read-only)
Default Value: ""

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

FingerprintSHA1
String (read-only)
Default Value: ""

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

FingerprintSHA256
String (read-only)
Default Value: ""

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

Issuer
String (read-only)
Default Value: ""

The issuer of the certificate. This field contains a string representation of the name of the issuing authority for the certificate.

KeyPassword
String
Default Value: ""

The password for the certificate's private key (if any).

Some certificate stores may individually protect certificates' private keys, separate from the standard protection offered by the StorePassword. This field can be used to read such password-protected private keys.

Note: This property defaults to the value of StorePassword. To clear it, you must set the property to the empty string (""). It can be set at any time, but when the private key's password is different from the store's password, then it must be set before calling PrivateKey.

PrivateKey
String (read-only)
Default Value: ""

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The PrivateKey may be available but not exportable. In this case, PrivateKey returns an empty string.

PrivateKeyAvailable
boolean (read-only)
Default Value: False

Whether a PrivateKey is available for the selected certificate. If PrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

PrivateKeyContainer
String (read-only)
Default Value: ""

The name of the PrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

PublicKey
String (read-only)
Default Value: ""

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

PublicKeyAlgorithm
String (read-only)
Default Value: ""

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

PublicKeyLength
int (read-only)
Default Value: 0

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

SerialNumber
String (read-only)
Default Value: ""

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

SignatureAlgorithm
String (read-only)
Default Value: ""

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

Store
String
Default Value: "MY"

The name of the certificate store for the client certificate.

The StoreType field denotes the type of the certificate store specified by Store. If the store is password-protected, specify the password in StorePassword.

Store is used in conjunction with the Subject field to specify client certificates. If Store has a value, and Subject or Encoded is set, a search for a certificate is initiated. Please see the Subject field for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:


MY	A certificate store holding personal certificates with their associated private keys.
CA	Certifying authority certificates.
ROOT	Root certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

StoreB
byte[]
Default Value: "MY"

The name of the certificate store for the client certificate.

The StoreType field denotes the type of the certificate store specified by Store. If the store is password-protected, specify the password in StorePassword.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:


MY	A certificate store holding personal certificates with their associated private keys.
CA	Certifying authority certificates.
ROOT	Root certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

StorePassword
String
Default Value: ""

If the type of certificate store requires a password, this field is used to specify the password needed to open the certificate store.

StoreType
int
Default Value: 0

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This field can take one of the following values:


0 (cstUser - default)	For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: This store type is not available in Java.
1 (cstMachine)	For Windows, this specifies that the certificate store is a machine store. Note: This store type is not available in Java.
2 (cstPFXFile)	The certificate store is the name of a PFX (PKCS#12) file containing certificates.
3 (cstPFXBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format.
4 (cstJKSFile)	The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: This store type is only available in Java.
5 (cstJKSBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: This store type is only available in Java.
6 (cstPEMKeyFile)	The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)	The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)	The certificate store is the name of a PKCS#7 file containing certificates.
12 (cstP7BBlob)	The certificate store is a string (binary) representing a certificate store in PKCS#7 format.
13 (cstSSHPublicKeyFile)	The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)	The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)	The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)	The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)	The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)	The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)	The certificate store is a string that contains a JWK (JSON Web Key).
21 (cstBCFKSFile)	The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: This store type is only available in Java and .NET.
22 (cstBCFKSBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: This store type is only available in Java and .NET.
23 (cstPKCS11)	The certificate is present on a physical security key accessible via a PKCS#11 interface. To use a security key, the necessary data must first be collected using the CertMgr class. The ListStoreCertificates method may be called after setting CertStoreType to `cstPKCS11`, CertStorePassword to the PIN, and CertStore to the full path of the PKCS#11 DLL. The certificate information returned in the CertList event's `CertEncoded` parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the Store and set StorePassword to the PIN. Code Example. SSH Authentication with Security Key: `certmgr.CertStoreType = CertStoreTypes.cstPKCS11; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstPKCS11, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);`
99 (cstAuto)	The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

SubjectAltNames
String (read-only)
Default Value: ""

Comma-separated lists of alternative subject names for the certificate.

ThumbprintMD5
String (read-only)
Default Value: ""

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

ThumbprintSHA1
String (read-only)
Default Value: ""

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

ThumbprintSHA256
String (read-only)
Default Value: ""

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

Usage
String (read-only)
Default Value: ""

The text description of UsageFlags.

This value will be one or more of the following strings and will be separated by commas:

Digital Signature
Non-Repudiation
Key Encipherment
Data Encipherment
Key Agreement
Certificate Signing
CRL Signing
Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

UsageFlags
int (read-only)
Default Value: 0

The flags that show intended use for the certificate. The value of UsageFlags is a combination of the following flags:


0x80	Digital Signature
0x40	Non-Repudiation
0x20	Key Encipherment
0x10	Data Encipherment
0x08	Key Agreement
0x04	Certificate Signing
0x02	CRL Signing
0x01	Encipher Only

Please see the Usage field for a text representation of UsageFlags.

This functionality currently is not available when the provider is OpenSSL.

Version
String (read-only)
Default Value: ""

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

Subject
String
Default Value: ""

The subject of the certificate used for client authentication.

This field will be populated with the full subject of the loaded certificate. When loading a certificate, the subject is used to locate the certificate in the store.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:


Field	Meaning
CN	Common Name. This is commonly a hostname like www.server.com.
O	Organization
OU	Organizational Unit
L	Locality
S	State
C	Country
E	Email Address

If a field value contains a comma, it must be quoted.

Encoded
String
Default Value: ""

The certificate (PEM/Base64 encoded). This field is used to assign a specific certificate. The Store and Subject fields also may be used to specify a certificate.

When Encoded is set, a search is initiated in the current Store for the private key of the certificate. If the key is found, Subject is updated to reflect the full subject of the selected certificate; otherwise, Subject is set to an empty string.

EncodedB
byte[]
Default Value: ""

The certificate (PEM/Base64 encoded). This field is used to assign a specific certificate. The Store and Subject fields also may be used to specify a certificate.

Constructors

public Certificate();

Creates a instance whose properties can be set. This is useful for use with when generating new certificates.

public Certificate( certificateFile);

Opens CertificateFile and reads out the contents as an X.509 public key.

public Certificate( encoded);

Parses Encoded as an X.509 public key.

public Certificate( storeType,  store,  storePassword,  subject);

StoreType identifies the type of certificate store to use. See for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store.

After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X.509 certificate's subject Distinguished Name (DN). The Subject parameter can also take an MD5, SHA-1, or SHA-256 thumbprint of the certificate to load in a "Thumbprint=value" format.

public Certificate( storeType,  store,  storePassword,  subject,  configurationString);

ConfigurationString is a newline-separated list of name-value pairs that may be used to modify the default behavior. Possible values include "PersistPFXKey", which shows whether or not the PFX key is persisted after performing operations with the private key. This correlates to the PKCS12_NO_PERSIST_KEY CryptoAPI option. The default value is True (the key is persisted). "Thumbprint" - an MD5, SHA-1, or SHA-256 thumbprint of the certificate to load. When specified, this value is used to select the certificate in the store. This is applicable to the cstUser , cstMachine , cstPublicKeyFile , and cstPFXFile store types. "UseInternalSecurityAPI" shows whether the platform (default) or the internal security API is used when performing certificate-related operations.

public Certificate( storeType,  store,  storePassword,  encoded);

After the store has been successfully opened, the class will load Encoded as an X.509 certificate and search the opened store for a corresponding private key.

public Certificate( storeType,  store,  storePassword,  subject);

StoreType identifies the type of certificate store to use. See for descriptions of the different certificate stores. Store is a byte array containing the certificate data. StorePassword is the password used to protect the store.

public Certificate( storeType,  store,  storePassword,  subject,  configurationString);

public Certificate( storeType,  store,  storePassword,  encoded);

After the store has been successfully opened, the class will load Encoded as an X.509 certificate and search the opened store for a corresponding private key.

Firewall Type

The firewall the class will connect through.

Remarks

When connecting through a firewall, this type is used to specify different properties of the firewall, such as the firewall Host and the FirewallType.

The following fields are available:

Fields

AutoDetect
boolean
Default Value: False

Whether to automatically detect and use firewall system settings, if available.

Connection information will first be obtained from Java system properties, such as http.proxyHost and https.proxyHost. Java properties may be set in a variety of ways; please consult the Java documentation for information about how firewall and proxy values can be specified.

If no Java system properties define connection information, the class will inspect the Windows registry for connection information that may be present on the system (applicable only on Windows systems).

FirewallType
int
Default Value: 0

The type of firewall to connect through. The applicable values are as follows:


fwNone (0)	No firewall (default setting).
fwTunnel (1)	Connect through a tunneling proxy. Port is set to 80.
fwSOCKS4 (2)	Connect through a SOCKS4 Proxy. Port is set to 1080.
fwSOCKS5 (3)	Connect through a SOCKS5 Proxy. Port is set to 1080.
fwSOCKS4A (10)	Connect through a SOCKS4A Proxy. Port is set to 1080.

Host
String
Default Value: ""

The name or IP address of the firewall (optional). If a Host is given, the requested connections will be authenticated through the specified firewall when connecting.

If this field is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this field is set to the corresponding address. If the search is not successful, the class throws an exception.

Password
String
Default Value: ""

A password if authentication is to be used when connecting through the firewall. If Host is specified, the User and Password fields are used to connect and authenticate to the given firewall. If the authentication fails, the class throws an exception.

Port
int
Default Value: 0

The Transmission Control Protocol (TCP) port for the firewall Host. See the description of the Host field for details.

Note: This field is set automatically when FirewallType is set to a valid value. See the description of the FirewallType field for details.

User
String
Default Value: ""

A username if authentication is to be used when connecting through a firewall. If Host is specified, this field and the Password field are used to connect and authenticate to the given Firewall. If the authentication fails, the class throws an exception.

Constructors

public Firewall();

GISBData Type

The EDI payload of the message.

Remarks

The EDI payload of the message.

The following fields are available:

Fields

Data
String
Default Value: ""

This field contains the EDI payload of the transmission.

In a receiver, this field will only be populated if OutputStream has not been specified and ParseRequest finishes without an error. Data will contain the full decrypted text of the EDI message.

DataB
byte[]
Default Value: ""

This field contains the EDI payload of the transmission.

In a receiver, this field will only be populated if OutputStream has not been specified and ParseRequest finishes without an error. Data will contain the full decrypted text of the EDI message.

EDIType
String
Default Value: "X12"

The EDIType of the EDI message. The default value is "X12". EDIType may also be set to "error", in which case the message is an error relating to a previous message. In this case the ErrorMessage property and related properties will provide more information.

FileName
String
Default Value: ""

In a sender, if FileName is specified, the file specified will be used for the EDI payload of the transmission. Name will be populated with the name of the file.

In a receiver, if this field is set prior to calling ParseFormData and ParseRequest the incoming data will be decrypted and written to the file at the specified path.

Note: When OutputStream is set, the data will be written to the stream and this field will not be populated.

InputStream
java.io.InputStream
Default Value: ""

In a sender, if InputStream is specified, the data from the specified stream will be used for the EDI payload of the transmission.

Name
String
Default Value: "rfc1767.edi"

Name is the final name to be associated with the contents of either the Data or FileName fields. This corresponds to the filename attribute of the Content-Disposition header for the EDI payload.

When constructing EDI data to be sent, Name will be set to the same value as FileName, but can be overridden after setting FileName to indicate that another name should be used in the outbound request's Content-Disposition MIME header.

When receiving EDI data, Name will be read out of the "filename" attribute of the inbound request's Content-Disposition MIME header.

OutputStream
java.io.OutputStream
Default Value: ""

In a receiver, if this field is set, the EDI payload will be written to this stream if ParseRequest finishes without an error. The specified stream will contain the full decrypted text of the EDI message.

Constructors

public GISBData();

public GISBData( data,  EDIType);

public GISBData( fileName,  EDIType);

GISBElement Type

A name-value pair for extra data to be sent with a GISB message.

Remarks

A name-value pair for extra data to be sent with a GISB message.

The following fields are available:

Name

Value

Fields

Name
String
Default Value: ""

The name of the current data element.

Value
String
Default Value: ""

The value of the current data element.

Constructors

public GISBElement();

public GISBElement( name,  value);

HTTPCookie Type

An HTTP cookie can be either sent to or received from the server.

Remarks

An HTTP cookie can store the cookies that are to be sent to the server. It also may store the cookies sent by the server.

Cookies that are to be sent to the server must have the Name and Value fields supplied before submitting the URL. When the SetCookie event is fired, however, all of the fields of an HTTPCookie are filled out accordingly.

The following fields are available:

Fields

Domain
String (read-only)
Default Value: ""

The domain of a received cookie. This field contains a domain name to limit the cookie to (if provided by the server). If the server does not provide a domain name, this field will contain an empty string. The convention in this case is to use the server name specified by URLServer as the cookie domain.

Expiration
String (read-only)
Default Value: ""

An expiration time for the cookie (if provided by the server). The time format used is "Weekday, DD-Mon-YY HH:MM:SS GMT". If the server does not provide an expiration time, this field will contain an empty string. The convention is to drop the cookie at the end of the session.

Name
String
Default Value: ""

The name of the cookie.

This field, along with Value, stores the cookie that is to be sent to the server. The SetCookie event displays the cookies sent by the server and their properties.

Path
String (read-only)
Default Value: ""

A path name to limit the cookie to (if provided by the server). If the server does not provide a cookie path, the path field will be an empty string. The convention in this case is to use the path specified by URLPath as the cookie path.

Secure
boolean (read-only)
Default Value: False

The security flag of the received cookie. This field specifies whether the cookie is secure. If the value of this field is True, the cookie value must be submitted only through a secure (HTTPS) connection.

Value
String
Default Value: ""

The value of the cookie. A corresponding value is associated with the cookie specified by Name. This property holds that value.

The SetCookie event provides the cookies set by the server.

Constructors

public HTTPCookie();

public HTTPCookie( name,  value);

Proxy Type

The proxy the class will connect to.

Remarks

When connecting through a proxy, this type is used to specify different properties of the proxy, such as the Server and the AuthScheme.

The following fields are available:

Fields

AuthScheme
int
Default Value: 0

The type of authorization to perform when connecting to the proxy. This is used only when the User and Password fields are set.

AuthScheme should be set to authNone (3) when no authentication is expected.

By default, AuthScheme is authBasic (0), and if the User and Password fields are set, the class will attempt basic authentication.

If AuthScheme is set to authDigest (1), digest authentication will be attempted instead.

If AuthScheme is set to authProprietary (2), then the authorization token will not be generated by the class. Look at the configuration file for the class being used to find more information about manually setting this token.

If AuthScheme is set to authNtlm (4), NTLM authentication will be used.

For security reasons, setting this field will clear the values of User and Password.

AutoDetect
boolean
Default Value: False

Whether to automatically detect and use proxy system settings, if available. The default value is false.

Note: This setting is applicable only in Windows.

Password
String
Default Value: ""

A password if authentication is to be used for the proxy.

If AuthScheme is set to Basic Authentication, the User and Password fields are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If AuthScheme is set to Digest Authentication, the User and Password fields are used to respond to the Digest Authentication challenge from the server.

If AuthScheme is set to NTLM Authentication, the User and Password fields are used to authenticate through NTLM negotiation.

Port
int
Default Value: 80

The Transmission Control Protocol (TCP) port for the proxy Server (default 80). See the description of the Server field for details.

Server
String
Default Value: ""

If a proxy Server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

If the Server field is set to a domain name, a DNS request is initiated. Upon successful termination of the request, the Server field is set to the corresponding address. If the search is not successful, an error is returned.

SSL
int
Default Value: 0

When to use a Secure Sockets Layer (SSL) for the connection to the proxy. The applicable values are as follows:


psAutomatic (0)	Default setting. If the URL is an `https` URL, the class will use the `psTunnel` option. If the URL is an `http` URL, the class will use the `psNever` option.
psAlways (1)	The connection is always SSL-enabled.
psNever (2)	The connection is not SSL-enabled.
psTunnel (3)	The connection is made through a tunneling (HTTP) proxy.

User
String
Default Value: ""

A username if authentication is to be used for the proxy.

If AuthScheme is set to Basic Authentication, the User and Password fields are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If AuthScheme is set to Digest Authentication, the User and Password fields are used to respond to the Digest Authentication challenge from the server.

If AuthScheme is set to NTLM Authentication, the User and Password fields are used to authenticate through NTLM negotiation.

Constructors

public Proxy();

public Proxy( server,  port);

public Proxy( server,  port,  user,  password);

Config Settings (GISBSender Class)

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

GISBSender Config Settings

AllowOldPacketType: Whether to allow the older encrypted packet type.

By default the class will only encrypt data using the newer and more secure integrity protected data packet type. Old implementations such as PGP 6.5.8 may require the older less secure data packet type.

When set to True the class will read the features from the recipient key to determine if the older packet type is required. If the key does require the old packet type, then the older packet type will be used. If the key does not require the old packet type, then the new integrity protected packet type will still be used.

By default this value is False. This means under no conditions is the older less secure packet type used. The newer integrity protected packet type is always used.

Only enable this setting if you have a requirement to do so.

Authorization: The Authorization string to be sent to the server.

If the Authorization setting contains a non-empty string, an Authorization HTTP request header is added to the request. This header conveys Authorization information to the server.

This setting is provided so that the class can be extended with other security schemes in addition to the authorization schemes already implemented by the class.

The AuthScheme; setting defines the authentication scheme used. In the case of HTTP Basic Authentication (default), every time User and Password are set, they are Base64 encoded, and the result is put in the Authorization setting in the form "Basic [encoded-user-password]".

AuthScheme: The authorization scheme to be used when server authorization is to be performed.

Use the AuthScheme property to tell the component which type of authorization to perform when the User and Password properties are set. Possible values are:


0 (default)	Basic
1	Digest
2	Proprietary
3	None
4	NTLM
5	Negotiate
6	OAuth

By default, AuthScheme is Basic (0), and if the User and Password configuration settings are set, the component will attempt basic authentication. If AuthScheme is set to Digest (1), digest authentication will be attempted instead.

For security reasons, setting this value will clear the values of User and Password.

ForceV3Signature: Whether to use v3 signatures.

This setting is used to force v3 signatures for compatibility with older PGP implementations (versions 5 through 7).

The default value is False.

LogFilename: The base name of the log file.

If set, this will be used as for the filename of the log file.

Note that only the base name should be specified as the component will append the appropriate file extension.

LogLevel: Specifies the level of detail that is logged.

This setting is only applicable if PGPProviderType is set to Internal (1). This setting controls the level of detail that is logged through the Status event. Possible values are:


0 (None)	No events are logged.
1 (Info - default)	Informational events are logged.
2 (Verbose)	Detailed data is logged.
3 (Debug)	Debug data is logged.

Password: A password if authentication is to be used.

If AuthScheme is set to Basic, the User and Password are Base64 encoded and the result is put in the Authorization configuration setting in the form "Basic [encoded-user-password]".

If AuthScheme is set to Digest, the User and Password properties are used to respond to the HTTP Digest Authentication challenge from the server.

The User and Password properties must be set only after the URL property is set. When the URL property is set, for security reasons, User and Password are immediately cleared.

PGPCombineSignAndEncrypt: Whether to sign and encrypt in a single step or not.

By default, when signing and encrypting the GISB data, the class will sign first and then encrypt the signed message in a separate step. When this property is set to true, signing and encrypting will be combined into a single step.

Note that if you are using an external provider (i.e. PGPProviderType is set to 0), setting PGPCombineSignAndEncrypt to true will cause the class to call the PGPProvider's SignAndEncrypt method.

User: A user name if authentication is to be used.

If AuthScheme is set to Basic, the User and Password are Base64 encoded and the result is put in the Authorization configuration setting in the form "Basic [encoded-user-password]".

If AuthScheme is set to Digest, the User and Password properties are used to respond to the HTTP Digest Authentication challenge from the server.

The User and Password properties must be set only after the URL property is set. When the URL property is set, for security reasons, User and Password are immediately cleared.

Base Config Settings

BuildInfo: Information about the product's build.

When queried, this setting will return a string containing information about the product's build.

GUIAvailable: Whether or not a message loop is available for processing events.

In a GUI-based application, long-running blocking operations may cause the application to stop responding to input until the operation returns. The class will attempt to discover whether or not the application has a message loop and, if one is discovered, it will process events in that message loop during any such blocking operation.

In some non-GUI applications, an invalid message loop may be discovered that will result in errant behavior. In these cases, setting GUIAvailable to false will ensure that the class does not attempt to process external events.

LicenseInfo: Information about the current license.

When queried, this setting will return a string containing information about the license this instance of a class is using. It will return the following information:

Product: The product the license is for.
Product Key: The key the license was generated from.
License Source: Where the license was found (e.g., RuntimeLicense, License File).
License Type: The type of license installed (e.g., Royalty Free, Single Server).
Last Valid Build: The last valid build number for which the license will work.

MaskSensitiveData: Whether sensitive data is masked in log messages.

In certain circumstances it may be beneficial to mask sensitive data, like passwords, in log messages. Set this to true to mask sensitive data. The default is true.

This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.

UseDaemonThreads: Whether threads created by the class are daemon threads.

If set to True (default), when the class creates a thread, the thread's Daemon property will be explicitly set to True. When set to False, the class will not set the Daemon property on the created thread. The default value is True.

UseFIPSCompliantAPI: Tells the class whether or not to use FIPS certified APIs.

When set to true, the class will utilize the underlying operating system's certified APIs. Java editions, regardless of OS, utilize Bouncy Castle Federal Information Processing Standards (FIPS), while all other Windows editions make use of Microsoft security libraries.

The Java edition requires installation of the FIPS-certified Bouncy Castle library regardless of the target operating system. This can be downloaded from https://www.bouncycastle.org/fips-java/. Only the "Provider" library is needed. The jar file should then be installed in a JRE search path.

The following classes must be imported in the application in which the component will be used:

import java.security.Security; import org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider;

The Bouncy Castle provider must be added as a valid provider and must also be configured to operate in FIPS mode:

System.setProperty("org.bouncycastle.fips.approved_only","true"); Security.addProvider(new BouncyCastleFipsProvider());

When UseFIPSCompliantAPI is true, Secure Sockets Layer (SSL)-enabled classes can optionally be configured to use the Transport Layer Security (TLS) Bouncy Castle library. When SSLProvider is set to sslpAutomatic (default) or sslpInternal, an internal TLS implementation is used, but all cryptographic operations are offloaded to the Bouncy Castle FIPS provider to achieve FIPS-compliant operation. If SSLProvider is set to sslpPlatform, the Bouncy Castle JSSE will be used in place of the internal TLS implementation.

To enable the use of the Bouncy Castle JSSE take the following steps in addition to the steps above. Both the Bouncy Castle FIPS provider and the Bouncy Castle JSSE must be configured to use the Bouncy Castle TLS library in FIPS mode. Obtain the Bouncy Castle TLS library from https://www.bouncycastle.org/fips-java/. The jar file should then be installed in a JRE search path.

The following classes must be imported in the application in which the component will be used:

import java.security.Security; import org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider; //required to use BCJSSE when SSLProvider is set to sslpPlatform import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider;

The Bouncy Castle provider must be added as a valid provider and also must be configured to operate in FIPS mode:

System.setProperty("org.bouncycastle.fips.approved_only","true"); Security.addProvider(new BouncyCastleFipsProvider()); //required to use BCJSSE when SSLProvider is set to sslpPlatform Security.addProvider(new BouncyCastleJsseProvider("fips:BCFIPS")); //optional - configure logging level of BCJSSE Logger.getLogger("org.bouncycastle.jsse").setLevel(java.util.logging.Level.OFF); //configure the class to use BCJSSE component.setSSLProvider(1); //platform component.config("UseFIPSCompliantAPI=true"); Note: TLS 1.3 support requires the Bouncy Castle TLS library version 1.0.14 or later.

FIPS mode can be enabled by setting the UseFIPSCompliantAPI configuration setting to true. This is a static setting that applies to all instances of all classes of the toolkit within the process. It is recommended to enable or disable this setting once before the component has been used to establish a connection. Enabling FIPS while an instance of the component is active and connected may result in unexpected behavior.

For more details, please see the FIPS 140-2 Compliance article.

Note: Enabling FIPS compliance requires a special license; please contact sales@nsoftware.com for details.

UseInternalSecurityAPI: Whether or not to use the system security libraries or an internal implementation.

When set to false, the class will use the system security libraries by default to perform cryptographic functions where applicable.

Setting this configuration setting to true tells the class to use the internal implementation instead of using the system security libraries.

This setting is set to false by default on all platforms.

Trappable Errors (GISBSender Class)

GISBSender Errors

651	Required field unspecified (by client).
662	Invalid request status reported by server (details follow).
664	Data was not processed by PGP.
701	Unable to write log file.
713	Unable to decompress message.

MIME Errors

3	Can't create the file for write (illegal name or disk is write-protected).
4	Can't open the file for read (doesn't exist?).
5	Can't read from file.
6	Can't write to file (disk full?).
280	Invalid Part Index.
281	Unknown MIME type.
282	No MIME-boundary found.
283	No file given.
284	The class is busy.
285	Can't create a temporary file to decode the data.
286	Can't read Message file.
287	No header separator found.
289	No separator found.
290	Input stream must have seeking enabled.

HTTP Errors

118	Firewall error. The error description contains the detailed message.
143	Busy executing current method.
151	HTTP protocol error. The error message has the server response.
152	No server specified in URL.
153	Specified URLScheme is invalid.
155	Range operation is not supported by server.
156	Invalid cookie index (out of range).
301	Interrupted.
302	Cannot open AttachedFile.

TCPClient Errors

100	You cannot change the RemotePort at this time. A connection is in progress.
101	You cannot change the RemoteHost (Server) at this time. A connection is in progress.
102	The RemoteHost address is invalid (0.0.0.0).
104	Already connected. If you want to reconnect, close the current connection first.
106	You cannot change the LocalPort at this time. A connection is in progress.
107	You cannot change the LocalHost at this time. A connection is in progress.
112	You cannot change MaxLineLength at this time. A connection is in progress.
116	RemotePort cannot be zero. Please specify a valid service port number.
117	You cannot change the UseConnection option while the class is active.
135	Operation would block.
201	Timeout.
211	Action impossible in control's present state.
212	Action impossible while not connected.
213	Action impossible while listening.
301	Timeout.
303	Could not open file.
434	Unable to convert string to selected CodePage.
1105	Already connecting. If you want to reconnect, close the current connection first.
1117	You need to connect first.
1119	You cannot change the LocalHost at this time. A connection is in progress.
1120	Connection dropped by remote host.

TCP/IP Errors

10004	[10004] Interrupted system call.
10009	[10009] Bad file number.
10013	[10013] Access denied.
10014	[10014] Bad address.
10022	[10022] Invalid argument.
10024	[10024] Too many open files.
10035	[10035] Operation would block.
10036	[10036] Operation now in progress.
10037	[10037] Operation already in progress.
10038	[10038] Socket operation on nonsocket.
10039	[10039] Destination address required.
10040	[10040] Message is too long.
10041	[10041] Protocol wrong type for socket.
10042	[10042] Bad protocol option.
10043	[10043] Protocol is not supported.
10044	[10044] Socket type is not supported.
10045	[10045] Operation is not supported on socket.
10046	[10046] Protocol family is not supported.
10047	[10047] Address family is not supported by protocol family.
10048	[10048] Address already in use.
10049	[10049] Cannot assign requested address.
10050	[10050] Network is down.
10051	[10051] Network is unreachable.
10052	[10052] Net dropped connection or reset.
10053	[10053] Software caused connection abort.
10054	[10054] Connection reset by peer.
10055	[10055] No buffer space available.
10056	[10056] Socket is already connected.
10057	[10057] Socket is not connected.
10058	[10058] Cannot send after socket shutdown.
10059	[10059] Too many references, cannot splice.
10060	[10060] Connection timed out.
10061	[10061] Connection refused.
10062	[10062] Too many levels of symbolic links.
10063	[10063] File name is too long.
10064	[10064] Host is down.
10065	[10065] No route to host.
10066	[10066] Directory is not empty
10067	[10067] Too many processes.
10068	[10068] Too many users.
10069	[10069] Disc Quota Exceeded.
10070	[10070] Stale NFS file handle.
10071	[10071] Too many levels of remote in path.
10091	[10091] Network subsystem is unavailable.
10092	[10092] WINSOCK DLL Version out of range.
10093	[10093] Winsock is not loaded yet.
11001	[11001] Host not found.
11002	[11002] Nonauthoritative 'Host not found' (try again or check DNS setup).
11003	[11003] Nonrecoverable errors: FORMERR, REFUSED, NOTIMP.
11004	[11004] Valid name, no data record (check DNS setup).