4D E-Banking SDK 2022 Java Edition
Version 22.0 [Build 8593]

OFXBatch Class

Properties   Methods   Events   Config Settings   Errors  

Enables sending of multiple requests to an OFX server through a single connection.

Syntax

inebank.Ofxbatch

Remarks

The OFXBatch class allows your application to download account information, bank, credit card, investment, loan statements, make intrabank and/or interbank transfers, and/or download your FI profile in one single request submitted to the FI's OFX server. This class provides for applying a single authentication context to multiple requests in order to reduce the overhead of user authentication.

All downloads are batched into a single secure HTTPS connection to the financial institution. To use the OFXBatch class first identify the financial institution by setting the FIId, FIOrganization and FIUrl,properties. Next identify the OFX user and application by setting the OFXUser, OFXPassword, OFXAppId and OFXAppVersion properties. The same signon information will be used for the entire batch.

To build the request, depending on each request type, the corresponding IPWorks OFX components should be used. So, if account information, bank, credit card, investment, loan statement, bank transfer, and FI profile are part of this multiple request, then instances of Account, BankStatement, CCStatement, InvStatement, LoanStatement, BankTransfer, and FIProfile (corresponding to the each request type) should be used. The individual components that generate the OFX request aggregate will not need the sign on data to generate their request.

Set properties of each corresponding component (excluding the SignOn part which is already set), as you would do when using these components to send single requests to the server. Please refer to each class help files for details on how to build each individual OFX request .

Once you have finished setting the properties that describe each individual request, set the Request in OFXBatch to the OFXRequest of each corresponding component. For example:

OFXBatch.OFXBatchItems[0].Request = BankStatement.OFXRequest; OFXBatch.OFXBatchItems[1].Request = CCStatement.OFXRequest; OFXBatch.OFXBatchItems[2].Request = FIProfile.OFXRequest;

Then, use the PostRequest method to build and transmit the request automatically.

Message sets will/must appear in the following order in the request: Signon, Signup, Bank statement, Intrabank funds transfers, Credit card statements, Loan statements, Investment statements, Interbank funds transfers, and FI Profile, regardless of their order while populating the OFXBatchItems. In the server response, the message sets will be returned in the server response in the same order.

Upon successful response, the Response array property will be populated automatically, which will contain several blocks of information consisting of a server response for each request. To parse this response, the Response at the same index should be passed as OFXResponse of the corresponding component using the same order as submitted in the request.

BankStatement.OFXResponse = OFXBatch.OFXBatchItems[0].Response; CCStatement.OFXResponse = OFXBatch.OFXBatchItems[1].Response; FIProfile.OFXResponse = OFXBatch.OFXBatchItems[2].Response;

Properties of each class are now populated and ready for retrieval.

Note: If signon data is different across components, then they cannot be used in the same batch, otherwise an error will be thrown.

Property List


The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

FIIdFinancial institution identifier.
FIOrganizationFinancial institution organization name.
FirewallA set of properties related to firewall access.
FIUrlFinancial institution URL.
OFXAppIdOFX application identifier.
OFXAppVersionOFX application version.
OFXBatchItemsA list of items (requests/response pairs) that make up the current OFX batch.
OFXPasswordUser's password.
OFXUserUser's id.
ProxyThis property includes a set of properties related to proxy access.
SSLAcceptServerCertInstructs the class to unconditionally accept the server certificate that matches the supplied certificate.
SSLCertThe certificate to be used during SSL negotiation.
SSLProviderThis specifies the SSL/TLS implementation to use.
SSLServerCertThe server certificate for the last established connection.
TimeoutA timeout for the class.

Method List


The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

ConfigSets or retrieves a configuration setting.
PostRequestSubmits a batch of requests to an OFX server through a single connection.
ReadOFXDataFileReads an OFX response from a file.
ResetReset the internal state of the class and all properties to their default values.
WriteOFXDataFileWrites the OFX response sent by the server to a file.

Event List


The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

ConnectionStatusThis event is fired to indicate changes in the connection state.
ErrorInformation about errors during data delivery.
SSLServerAuthenticationFired after the server presents its certificate to the client.
SSLStatusShows the progress of the secure connection.

Config Settings


The following is a list of config settings for the class with short descriptions. Click on the links for further details.

CacheContentIf true, the original XML is saved in a buffer.
CharsetSpecifies the charset used when encoding data.
CloseInputStreamAfterProcessDetermines whether or not the input stream is closed after processing.
CloseOutputStreamAfterProcessDetermines whether or not the output stream is closed after processing.
EOLThe characters to use for separating lines.
ErrorOnEmptyAttrIf true, passing an invalid attribute to the Attr method will throw an exception.
ExtraNameCharsExtra characters for the parser to consider as name characters.
ExtraSpaceCharsExtra characters for the parser to consider as white space.
FlushOnEOLIf set, the parser flushes its text buffer after every line of text.
IgnoreBadAttributePrefixesIf true, bad (unknown) attribute prefixes are ignored.
IgnoreBadElementPrefixesIf true, bad (unknown) element prefixes are ignored.
IncludeElementPrefixWhether to include the prefix in the element name.
IncludeXMLDeclarationWhether to include the XML declaration when writing XML.
IndentThe characters to use for each indentation level.
OffsetCurrent offset of the document being parsed.
PreserveWhitespaceIf true, leading and trailing whitespace in element text is preserved.
QuoteCharQuote character to use for attribute values.
StringProcessingOptionsDefines options to use when processing string values.
BuildInfoInformation about the product's build.
GUIAvailableTells the class whether or not a message loop is available for processing events.
LicenseInfoInformation about the current license.
MaskSensitiveWhether sensitive data is masked in log messages.
UseDaemonThreadsWhether threads created by the class are daemon threads.
UseInternalSecurityAPITells the class whether or not to use the system security libraries or an internal implementation.

FIId Property (OFXBatch Class)

Financial institution identifier.

Syntax


public String getFIId();


public void setFIId(String FIId);

Default Value

""

Remarks

FIId holds the identifier of the OFX Financial Institution and is used during signon. This value is unique for each organization name.

FIOrganization Property (OFXBatch Class)

Financial institution organization name.

Syntax


public String getFIOrganization();


public void setFIOrganization(String FIOrganization);

Default Value

""

Remarks

This is the name of the OFX Financial Institution and is used during signon. Each organization has a unique FIId that must also be used at signon.

Firewall Property (OFXBatch Class)

A set of properties related to firewall access.

Syntax


public Firewall getFirewall();


public void setFirewall(Firewall firewall);

Remarks

This is a Firewall type property which contains fields describing the firewall through which the class will attempt to connect.

FIUrl Property (OFXBatch Class)

Financial institution URL.

Syntax


public String getFIUrl();


public void setFIUrl(String FIUrl);

Default Value

""

Remarks

This is the URL of the OFX Financial Institution to which the class will signon and fetch data.

OFXAppId Property (OFXBatch Class)

OFX application identifier.

Syntax


public String getOFXAppId();


public void setOFXAppId(String OFXAppId);

Default Value

""

Remarks

This is the unique identifier of the user's OFX application.

OFXAppVersion Property (OFXBatch Class)

OFX application version.

Syntax


public String getOFXAppVersion();


public void setOFXAppVersion(String OFXAppVersion);

Default Value

""

Remarks

This is the version of the user's OFX application.

OFXBatchItems Property (OFXBatch Class)

A list of items (requests/response pairs) that make up the current OFX batch.

Syntax


public OFXBatchItemList getOFXBatchItems();


public void setOFXBatchItems(OFXBatchItemList OFXBatchItems);

Remarks

This collection represents the list of requests/responses to be sent/received through a single connection. It is used when the PostRequest, ReadOFXDataFile and WriteOFXDataFile methods are called.

Each OFX batch item has a Request, RequestType, RequestUID, and Response tied to it.

The Request should be set for each OFXBatchItemIndex = 0 to OFXBatchItemCount - 1 when any of the above listed methods are called. Upon successful response, the rest of the fields should be inspected for each index (that falls within the range listed above).

This property is not available at design time.

OFXPassword Property (OFXBatch Class)

User's password.

Syntax


public String getOFXPassword();


public void setOFXPassword(String OFXPassword);

Default Value

""

Remarks

This is the password used when signing on to the OFX Financial Institution's service.

OFXUser Property (OFXBatch Class)

User's id.

Syntax


public String getOFXUser();


public void setOFXUser(String OFXUser);

Default Value

""

Remarks

This is the UserID used when signing on to the OFX Financial Institution's service.

Proxy Property (OFXBatch Class)

This property includes a set of properties related to proxy access.

Syntax


public Proxy getProxy();


public void setProxy(Proxy proxy);

Remarks

This property contains fields describing the proxy through which the class will attempt to connect.

SSLAcceptServerCert Property (OFXBatch Class)

Instructs the class to unconditionally accept the server certificate that matches the supplied certificate.

Syntax


public Certificate getSSLAcceptServerCert();


public void setSSLAcceptServerCert(Certificate SSLAcceptServerCert);

Remarks

If it finds any issues with the certificate presented by the server, the class will normally terminate the connection with an error.

You may override this behavior by supplying a value for SSLAcceptServerCert. If the certificate supplied in SSLAcceptServerCert is the same as the certificate presented by the server, then the server certificate is accepted unconditionally, and the connection will continue normally.

Please note that this functionality is provided only for cases where you otherwise know that you are communicating with the right server. If used improperly, this property may create a security breach. Use it at your own risk.

SSLCert Property (OFXBatch Class)

The certificate to be used during SSL negotiation.

Syntax


public Certificate getSSLCert();


public void setSSLCert(Certificate SSLCert);

Remarks

The digital certificate that the class will use during SSL negotiation. Set this property to a valid certificate before starting SSL negotiation. To set a certificate, you may set the Encoded field to the encoded certificate. To select a certificate, use the store and subject fields.

SSLProvider Property (OFXBatch Class)

This specifies the SSL/TLS implementation to use.

Syntax


public int getSSLProvider();


public void setSSLProvider(int SSLProvider);


Enumerated values:
  public final static int sslpAutomatic = 0;
  public final static int sslpPlatform = 1;
  public final static int sslpInternal = 2;

Default Value

0

Remarks

This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic) the class will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.

Possible values are:

0 (sslpAutomatic - default)Automatically selects the appropriate implementation.
1 (sslpPlatform) Uses the platform/system implementation.
2 (sslpInternal) Uses the internal implementation.

Additional Notes

In most cases using the default value (Automatic) is recommended. The class will select a provider depending on the current platform.

When Automatic is selected the platform implementation is used by default. When TLS 1.3 is enabled via SSLEnabledProtocols the internal implementation is used.

SSLServerCert Property (OFXBatch Class)

The server certificate for the last established connection.

Syntax


public Certificate getSSLServerCert();


Remarks

SSLServerCert contains the server certificate for the last established connection.

SSLServerCert is reset every time a new connection is attempted.

This property is read-only.

Timeout Property (OFXBatch Class)

A timeout for the class.

Syntax


public int getTimeout();


public void setTimeout(int timeout);

Default Value

60

Remarks

If the Timeout property is set to 0, all operations will run uninterrupted until successful completion or an error condition is encountered.

If Timeout is set to a positive value, the class will wait for the operation to complete before returning control.

The class will use DoEvents to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not "freeze" and remains responsive.

If Timeout expires, and the operation is not yet complete, the class throws an exception.

Please note that by default, all timeouts are inactivity timeouts, i.e. the timeout period is extended by Timeout seconds when any amount of data is successfully sent or received.

The default value for the Timeout property is 60 seconds.

Config Method (Ofxbatch Class)

Sets or retrieves a configuration setting.

Syntax

public String config(String configurationString);

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

PostRequest Method (Ofxbatch Class)

Submits a batch of requests to an OFX server through a single connection.

Syntax

public void postRequest();

Remarks

This function generates the Signon and multiple requests page, submits it to the financial institution via secure HTTPS Post, and receives the multiple responses stored in OFXBatchItems property.

To create the batch of requests, first you will to create instances of the corresponding components to request type such as BankStatement, CCStatement, InvStatement, or FIProfile. Then, build the OFX request for each component used.

Finally, set the Request array property to each OFXRequest of the corresponding component.

When PostRequest is called, the server response will be returned in Response array property, ready to be retrieved by each individual component.

ReadOFXDataFile Method (Ofxbatch Class)

Reads an OFX response from a file.

Syntax

public void readOFXDataFile(String fileName);

Remarks

This method reads a previously recorded OFX response from a file, including HTTP and OFX headers.

The following read-only properties are populated as a result of parsing the data file:

Reset Method (Ofxbatch Class)

Reset the internal state of the class and all properties to their default values.

Syntax

public void reset();

Remarks

The Reset method does not have any parameters and does not return any value.

WriteOFXDataFile Method (Ofxbatch Class)

Writes the OFX response sent by the server to a file.

Syntax

public void writeOFXDataFile(String fileName);

Remarks

This method records the entire OFX response, including HTTP and OFX headers to a file. This file can later be read and parsed by the ReadOFXDataFile method as though it were a live response.

ConnectionStatus Event (Ofxbatch Class)

This event is fired to indicate changes in the connection state.

Syntax

public class DefaultOfxbatchEventListener implements OfxbatchEventListener {
  ...
  public void connectionStatus(OfxbatchConnectionStatusEvent e) {}
  ...
}

public class OfxbatchConnectionStatusEvent {
  public String connectionEvent;
  public int statusCode;
  public String description;
}

Remarks

The ConnectionStatus event is fired when the connection state changes: for example, completion of a firewall or proxy connection or completion of a security handshake.

The ConnectionEvent parameter indicates the type of connection event. Values may include the following:

Firewall connection complete.
Secure Sockets Layer (SSL) or S/Shell handshake complete (where applicable).
Remote host connection complete.
Remote host disconnected.
SSL or S/Shell connection broken.
Firewall host disconnected.

StatusCode has the error code returned by the Transmission Control Protocol (TCP)/IP stack. Description contains a description of this code. The value of StatusCode is equal to the value of the error.

Error Event (Ofxbatch Class)

Information about errors during data delivery.

Syntax

public class DefaultOfxbatchEventListener implements OfxbatchEventListener {
  ...
  public void error(OfxbatchErrorEvent e) {}
  ...
}

public class OfxbatchErrorEvent {
  public int errorCode;
  public String description;
}

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the class throws an exception.

ErrorCode contains an error code and Description contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

SSLServerAuthentication Event (Ofxbatch Class)

Fired after the server presents its certificate to the client.

Syntax

public class DefaultOfxbatchEventListener implements OfxbatchEventListener {
  ...
  public void SSLServerAuthentication(OfxbatchSSLServerAuthenticationEvent e) {}
  ...
}

public class OfxbatchSSLServerAuthenticationEvent {
  public byte[] certEncoded;
  public String certSubject;
  public String certIssuer;
  public String status;
  public boolean accept;
}

Remarks

This event is where the client can decide whether to continue with the connection process or not. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK"). If it is decided to continue, you can override and accept the certificate by setting the Accept parameter to True.

SSLStatus Event (Ofxbatch Class)

Shows the progress of the secure connection.

Syntax

public class DefaultOfxbatchEventListener implements OfxbatchEventListener {
  ...
  public void SSLStatus(OfxbatchSSLStatusEvent e) {}
  ...
}

public class OfxbatchSSLStatusEvent {
  public String message;
}

Remarks

The event is fired for informational and logging purposes only. Used to track the progress of the connection.

Certificate Type

This is the digital certificate being used.

Remarks

This type describes the current digital certificate. The certificate may be a public or private key. The fields are used to identify or select certificates.

Fields

EffectiveDate
String

This is the date on which this certificate becomes valid. Before this date, it is not valid. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

Encoded
String

This is the certificate (PEM/base64 encoded). This field is used to assign a specific certificate. The Store and Subject fields also may be used to specify a certificate.

When Encoded is set, a search is initiated in the current Store for the private key of the certificate. If the key is found, Subject is updated to reflect the full subject of the selected certificate; otherwise, Subject is set to an empty string.

EncodedB
byte[]

This is the certificate (PEM/base64 encoded). This field is used to assign a specific certificate. The Store and Subject fields also may be used to specify a certificate.

When Encoded is set, a search is initiated in the current Store for the private key of the certificate. If the key is found, Subject is updated to reflect the full subject of the selected certificate; otherwise, Subject is set to an empty string.

ExpirationDate
String

This is the date the certificate expires. After this date, the certificate will no longer be valid. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

ExtendedKeyUsage
String

This is a comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

Fingerprint
String

This is the hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

FingerprintSHA1
String

This is the hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

FingerprintSHA256
String

This is the hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

Issuer
String

This is the issuer of the certificate. This field contains a string representation of the name of the issuing authority for the certificate.

KeyPassword
String

This is the password for the certificate's private key (if any).

Some certificate stores may individually protect certificates' private keys, separate from the standard protection offered by the StorePassword. KeyPassword. This field can be used to read such password-protected private keys.

Note: this property defaults to the value of StorePassword. To clear it, you must set the property to the empty string (""). It can be set at any time, but when the private key's password is different from the store's password, then it must be set before calling PrivateKey.

PrivateKey
String

This is the private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The PrivateKey may be available but not exportable. In this case, PrivateKey returns an empty string.

PrivateKeyAvailable
boolean

This field shows whether a PrivateKey is available for the selected certificate. If PrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

PrivateKeyContainer
String

This is the name of the PrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

PublicKey
String

This is the public key of the certificate. The key is provided as PEM/Base64-encoded data.

PublicKeyAlgorithm
String

This field contains the textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

PublicKeyLength
int

This is the length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

SerialNumber
String

This is the serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

SignatureAlgorithm
String

The field contains the text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

Store
String

This is the name of the certificate store for the client certificate.

The StoreType field denotes the type of the certificate store specified by Store. If the store is password protected, specify the password in StorePassword.

Store is used in conjunction with the Subject field to specify client certificates. If Store has a value, and Subject or Encoded is set, a search for a certificate is initiated. Please see the Subject field for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

StoreB
byte[]

This is the name of the certificate store for the client certificate.

The StoreType field denotes the type of the certificate store specified by Store. If the store is password protected, specify the password in StorePassword.

Store is used in conjunction with the Subject field to specify client certificates. If Store has a value, and Subject or Encoded is set, a search for a certificate is initiated. Please see the Subject field for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

StorePassword
String

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

StoreType
int

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used the class will automatically determine the type. This field can take one of the following values:

0 (cstUser - default)For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java.
1 (cstMachine)For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java.
2 (cstPFXFile)The certificate store is the name of a PFX (PKCS12) file containing certificates.
3 (cstPFXBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format.
4 (cstJKSFile)The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java.
5 (cstJKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.
6 (cstPEMKeyFile)The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)The certificate store is the name of a PKCS7 file containing certificates.
12 (cstP7BBlob)The certificate store is a string (binary) representing a certificate store in PKCS7 format.
13 (cstSSHPublicKeyFile)The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)The certificate store is a string that contains a JWK (JSON Web Key).
21 (cstBCFKSFile)The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET.
22 (cstBCFKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET.
23 (cstPKCS11)The certificate is present on a physical security key accessible via a PKCS11 interface.

To use a security key the necessary data must first be collected using the CertMgr class. The ListStoreCertificates method may be called after setting CertStoreType to cstPKCS11, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use.

When using a certificate, pass the previously saved security key information as the Store and set StorePassword to the PIN.

Code Example: SSH Authentication with Security Key certmgr.CertStoreType = CertStoreTypes.cstPKCS11; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstPKCS11, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);

99 (cstAuto)The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

Subject
String

This is the subject of the certificate used for client authentication.

This field will be populated with the full subject of the loaded certificate. When loading a certificate the subject is used to locate the certificate in the store.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.

FieldMeaning
CNCommon Name. This is commonly a host name like www.server.com.
OOrganization
OUOrganizational Unit
LLocality
SState
CCountry
EEmail Address

If a field value contains a comma it must be quoted.

SubjectAltNames
String

This field contains comma-separated lists of alternative subject names for the certificate.

ThumbprintMD5
String

This field contains the MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

ThumbprintSHA1
String

This field contains the SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

ThumbprintSHA256
String

This field contains the SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

Usage
String

This field contains the text description of UsageFlags.

This value will be of one or more of the following strings and will be separated by commas:

  • Digital Signatures
  • Key Authentication
  • Key Encryption
  • Data Encryption
  • Key Agreement
  • Certificate Signing
  • Key Signing

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

UsageFlags
int

This field contains the flags that show intended use for the certificate. The value of UsageFlags is a combination of the following flags:

0x80Digital Signatures
0x40Key Authentication
0x20Key Encryption
0x10Data Encryption
0x08Key Agreement
0x04Certificate Signing
0x02Key Signing

Please see the Usage field for a text representation of UsageFlags.

This functionality currently is not available when the provider is OpenSSL.

Version
String

This field contains the certificate's version number. The possible values are the strings "V1", "V2", and "V3".

Constructors

public Certificate();

Creates a Certificate instance whose properties can be set. This is useful for use with CERTMGR when generating new certificates.

public Certificate( certificateFile);

Opens CertificateFile and reads out the contents as an X509 public key.

public Certificate( certificateData);

Parses CertificateData as an X509 public key.

public Certificate( certStoreType,  store,  storePassword,  subject);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate( certStoreType,  store,  storePassword,  subject,  configurationString);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store. ConfigurationString is a newline separated list of name-value pairs that may be used to modify the default behavior. Possible values include "PersistPFXKey", which shows whether or not the PFX key is persisted after performing operations with the private key. This correlates to the PKCS12_NO_PERSIST_KEY CyrptoAPI option. The default value is True (the key is persisted). "Thumbprint" - a MD5, SHA1, or SHA256 thumbprint of the certificate to load. When specified, this value is used to select the certificate in the store. This is applicable to cstUser, cstMachine, cstPublicKeyFile, and cstPFXFile store types. "UseInternalSecurityAPI" shows whether the platform (default) or the internal security API is used when performing certificate-related operations. After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate( certStoreType,  store,  storePassword,  encoded);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will load Encoded as an X509 certificate and search the opened store for a corresponding private key.

public Certificate( certStoreType,  storeBlob,  storePassword,  subject);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. StoreBlob is a string (binary- or base64-encoded) containing the certificate data. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate( certStoreType,  storeBlob,  storePassword,  subject,  configurationString);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. StoreBlob is a string (binary- or base64-encoded) containing the certificate data. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate( certStoreType,  storeBlob,  storePassword,  encoded);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a string (binary- or base64-encoded) containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will load Encoded as an X509 certificate and search the opened store for a corresponding private key.

Firewall Type

This is the firewall the class will connect through.

Remarks

When connecting through a firewall, this type is used to specify different properties of the firewall, such as the firewall Host and the FirewallType.

Fields

AutoDetect
boolean

This field tells the class whether or not to automatically detect and use firewall system settings, if available.

Connection information will first be obtained from Java system properties, such as http.proxyHost and https.proxyHost. Java properties may be set in a variety of ways; please consult the Java documentation for information about how firewall and proxy values can be specified.

If no Java system properties define connection information, the class will inspect the Windows registry for connection information that may be present on the system (applicable only on Windows systems).

FirewallType
int

This field determines the type of firewall to connect through. The applicable values are as follows:

fwNone (0)No firewall (default setting).
fwTunnel (1)Connect through a tunneling proxy. Port is set to 80.
fwSOCKS4 (2)Connect through a SOCKS4 Proxy. Port is set to 1080.
fwSOCKS5 (3)Connect through a SOCKS5 Proxy. Port is set to 1080.
fwSOCKS4A (10)Connect through a SOCKS4A Proxy. Port is set to 1080.

Host
String

This field contains the name or IP address of firewall (optional). If a Host is given, the requested connections will be authenticated through the specified firewall when connecting.

If this field is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this field is set to the corresponding address. If the search is not successful, the class throws an exception.

Password
String

This field contains a password if authentication is to be used when connecting through the firewall. If Host is specified, the User and Password fields are used to connect and authenticate to the given firewall. If the authentication fails, the class throws an exception.

Port
int

This field contains the transmission control protocol (TCP) port for the firewall Host. See the description of the Host field for details.

Note: This field is set automatically when FirewallType is set to a valid value. See the description of the FirewallType field for details.

User
String

This field contains a user name if authentication is to be used connecting through a firewall. If the Host is specified, this field and Password fields are used to connect and authenticate to the given Firewall. If the authentication fails, the class throws an exception.

Constructors

public Firewall();



OFXBatchItem Type

This type corresponds to a single OFX batch item in the list of OFX batch items.

Remarks

OFXBatchItem objects are used when adding new items in the current OFX, or when listing OFX batch items (if any) returned by the FI OFX server (when the corresponding methods: PostRequest, ReadOFXDataFile, or WriteOFXDataFile are called).

Fields

Request
String

OFX request aggregate. The Request is obtained by setting it to a OFXRequest aggregate of a class that corresponds to that request type. For example:

OFXBatch.OFXBatchItemCount = 3; OFXBatch.OFXBathcItems[0].Request = BankStatement.OFXRequest; OFXBatch.OFXBathcItems[1].Request = CCStatement.OFXRequest; OFXBatch.OFXBathcItems[2].Request = FIProfile.OFXRequest;

Message sets will/must appear in the following order in the batch request sent to the server: Signon, Signup, Bank statement, Intrabank funds transfers, Credit card statements, Loan statements, Investment statements, Interbank funds transfers, and FI Profile, regardless of their order while populating the OFXBatchItems. In the server response, the message sets will be returned in the server response in the same order.

RequestType
String

The type of OFX request included in the batch. Request types supported by OFXBatch component are: Account Info, Bank, Credit Card, Loan, and Investment statement download, Intrabank and Interbank Transfer, Bill Pay, and FI Profile. The support for these requests depend whether the FI OFX server supports that request type and whether they allow it to be part of a batch request.

Possible values and their meanings are as follows:

ValueMeaning
ACCTINFOAccount Information request
STMTBank Statement request
CCSTMTCredit Card Statement request
LOANSTMTLoan Statement request
INVSTMTInvestment Statement request
INTRAIntrabank Transfer request (Note: This is subject to synchronization and should be followed by calling the SynchronizeTransfers; method in BankTransfer class, depending on what was requested as part of the batch.)
INTERInterbank Transfer request (Note: This is subject to synchronization and should be followed by calling the SynchronizeTransfers; method in BankTransfer class, depending on what was requested as part of the batch.)
BILLPAYBill Payment request (Note: This is subject to synchronization and should be followed by calling the SynchronizePayments; and/or SynchronizePayees methods in BillPayment class, depending on what was requested as part of the batch.)
PROFFI Profile request

RequestUID
String

The current batch item's unique transaction ID.

The value in Response is parsed out of the server's response to the batch and matched to the appropriate original Request using by matching the response UID to the RequestUID.

Response
String

The OFX response aggregate. This string represents the OFX response aggregate for the current Request. When the OFXBatch is posted, the Response field will be populated automatically with the server's response to the Request.

For example, if the batch request consisted of BankStatement, CCStatement and FIProfile, such as:

OFXBatch.OFXBatchItemCount = 3; OFXBatch.OFXBatchItems[0].Request = BankStatement.OFXRequest; OFXBatch.OFXBatchItems[1].Request = CCStatement.OFXRequest; OFXBatch.OFXBatchItems[2].Request = FIProfile.OFXRequest;

Upon successful server response, the OFXResponse aggregate of the corresponding class should be set (in the same order as they were included in the batch request), for example:

BankStatement.OFXResponse = OFXBatch.OFXBatchItems[0].Response; CCStatement.OFXResponse = OFXBatch.OFXBatchItems[1].Response; FIProfile.OFXResponse = OFXBatch.OFXBatchItems[2].Response;

Properties of each class are now populated and ready for retrieval.

Constructors

public OFXBatchItem();



Proxy Type

This is the proxy the class will connect to.

Remarks

When connecting through a proxy, this type is used to specify different properties of the proxy, such as the Server and the AuthScheme.

Fields

AuthScheme
int

This field is used to tell the class which type of authorization to perform when connecting to the proxy. This is used only when the User and Password fields are set.

AuthScheme should be set to authNone (3) when no authentication is expected.

By default, AuthScheme is authBasic (0), and if the User and Password fields are set, the component will attempt basic authentication.

If AuthScheme is set to authDigest (1), digest authentication will be attempted instead.

If AuthScheme is set to authProprietary (2), then the authorization token will not be generated by the class. Look at the configuration file for the class being used to find more information about manually setting this token.

If AuthScheme is set to authNtlm (4), NTLM authentication will be used.

For security reasons, setting this field will clear the values of User and Password.

AutoDetect
boolean

This field tells the class whether or not to automatically detect and use proxy system settings, if available. The default value is false.

Note: This setting is applicable only in Windows.

Password
String

This field contains a password if authentication is to be used for the proxy.

If AuthScheme is set to Basic Authentication, the User and Password are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If AuthScheme is set to Digest Authentication, the User and Password fields are used to respond to the Digest Authentication challenge from the server.

If AuthScheme is set to NTLM Authentication, the User and Password fields are used to authenticate through NTLM negotiation.

Port
int

This field contains the Transmission Control Protocol (TCP) port for the proxy Server (default 80). See the description of the Server field for details.

Server
String

If a proxy Server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

If the Server field is set to a domain name, a DNS request is initiated. Upon successful termination of the request, the Server field is set to the corresponding address. If the search is not successful, an error is returned.

SSL
int

This field determines when to use a Secure Sockets Layer (SSL) for the connection to the proxy. The applicable values are as follows:

psAutomatic (0)Default setting. If the URL is an https URL, the class will use the psTunnel option. If the URL is an http URL, the class will use the psNever option.
psAlways (1)The connection is always SSL enabled.
psNever (2)The connection is not SSL enabled.
psTunnel (3)The connection is made through a tunneling (HTTP) proxy.

User
String

This field contains a user name, if authentication is to be used for the proxy.

If AuthScheme is set to Basic Authentication, the User and Password are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If AuthScheme is set to Digest Authentication, the User and Password fields are used to respond to the Digest Authentication challenge from the server.

If AuthScheme is set to NTLM Authentication, the User and Password fields are used to authenticate through NTLM negotiation.

Constructors

public Proxy();



public Proxy( server,  port);



public Proxy( server,  port,  user,  password);



Config Settings (Ofxbatch Class)

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

XML Config Settings

CacheContent:   If true, the original XML is saved in a buffer.

This config controls whether or not the component retains the entire original XML in a buffer. This is used to retain the original XML as opposed to returning generated XML after parsing. The default value is true.

Charset:   Specifies the charset used when encoding data.

This setting specifies the character set used when encoding data. This value will also be used when creating the XMLDeclaration. The default value is "utf-8".

CloseInputStreamAfterProcess:   Determines whether or not the input stream is closed after processing.

Determines whether or not the input stream set by SetInputStream is closed after processing is complete. The default value is True.

CloseOutputStreamAfterProcess:   Determines whether or not the output stream is closed after processing.

Determines whether or not the output stream set by SetOutputStream is closed after processing is complete. The default value is True.

EOL:   The characters to use for separating lines.

If specified, the class will format the output XML, using the specified characters to separate multiple lines for nested XML elements. The default value is CRLF ("\r\n") .

This option should be combined with Indent for full effect.

ErrorOnEmptyAttr:   If true, passing an invalid attribute to the Attr method will throw an exception.

If an invalid attribute name is passed into the GetAttr method, the method will return with an empty string if this is set to false, otherwise an exception is thrown.

ExtraNameChars:   Extra characters for the parser to consider as name characters.

Normally, the parser considers only the following characters as part of an XML identifier: 'A' through 'Z', 'a' through 'z', '0' through '9', 0x0300 through 0x036F, 0x203F through 0x2040, and '.', '-', '_', ':'.

If you would like any other characters to be considered as name characters, you may set them as a string into this property.

ExtraSpaceChars:   Extra characters for the parser to consider as white space.

Normally, the parser considers only the following characters as white space: ' ' (space), '\t' (tab), '\ n' (newline), '\r' (carriage return), '\f' (form feed), and '\v' (vertical tab).

If you would like any other characters to be considered as white space, you may set them as a string into this property.

FlushOnEOL:   If set, the parser flushes its text buffer after every line of text.

The FlushOnEOL property controls whether Characters events are fired for every line of the input text stream or not. Normally lines are buffered internally and delivered in batches, but if the FlushOnEOL flag is set, then a Characters event is fired for each line.

IgnoreBadAttributePrefixes:   If true, bad (unknown) attribute prefixes are ignored.

Normally a trappable error is generated when an unknown attribute prefix is encountered. This setting suppresses the error. The default value is True.

IgnoreBadElementPrefixes:   If true, bad (unknown) element prefixes are ignored.

Normally a trappable error is generated when an unknown element prefix is encountered. This setting suppresses the error. The default value is True.

IncludeElementPrefix:   Whether to include the prefix in the element name.

This setting specifies whether to include the element prefix in the Element parameter of the StartElement and EndElement events.

If False (default) and Validate is set to False the prefix is included in the Element parameter. For instance: ds:DigestMethod

If True and Validate is set to False the prefix is not included in the Element parameter. For instance: DigestMethod

This setting is only applicable when Validate is False.

IncludeXMLDeclaration:   Whether to include the XML declaration when writing XML.

This setting specifies whether the XML declaration is included in the output XML when writing XML. When set to True (default) the XML declaration will be included above any user specified XML. For instance:

<?xml version="1.0" encoding="utf-8" standalone="yes" ?>
...
Indent:   The characters to use for each indentation level.

If specified, the class will format the output XML, using the specified characters to denote each indentation level for nested XML elements.

This option should be combined with EOL for full effect.

Offset:   Current offset of the document being parsed.

This property is useful for determining the location of possible XML errors in the document.

Offset values start at 1.

PreserveWhitespace:   If true, leading and trailing whitespace in element text is preserved.

Normally the leading and trailing whitespace from an element's text is trimmed. When this property is set to true, this leading and trailing whitespace is preserved. The default value is false.

QuoteChar:   Quote character to use for attribute values.

By default, the class will use double quotes around attribute values. This property can be used to specify a different character such as a single quote.

StringProcessingOptions:   Defines options to use when processing string values.

This setting determines what additional processing is performed on string values fired through the Characters event..

Note: This only applies when BuildDOM is False.

By default no additional processing is performed and the string is returned as is from the document. Strings may also be XML unescaped. Possible values are:

0 (none - default) No additional processing is performed.
1 Strings are XML unescaped.

For instance, when set to 0 the following text may be fired through the Characters event:

&amp;&quot;&lt;&gt;

When set to 1 the following text would be fired through the Characters event:

&"<>

Base Config Settings

BuildInfo:   Information about the product's build.

When queried, this setting will return a string containing information about the product's build.

GUIAvailable:   Tells the class whether or not a message loop is available for processing events.

In a GUI-based application, long-running blocking operations may cause the application to stop responding to input until the operation returns. The class will attempt to discover whether or not the application has a message loop and, if one is discovered, it will process events in that message loop during any such blocking operation.

In some non-GUI applications, an invalid message loop may be discovered that will result in errant behavior. In these cases, setting GUIAvailable to false will ensure that the class does not attempt to process external events.

LicenseInfo:   Information about the current license.

When queried, this setting will return a string containing information about the license this instance of a class is using. It will return the following information:

  • Product: The product the license is for.
  • Product Key: The key the license was generated from.
  • License Source: Where the license was found (e.g., RuntimeLicense, License File).
  • License Type: The type of license installed (e.g., Royalty Free, Single Server).
  • Last Valid Build: The last valid build number for which the license will work.
MaskSensitive:   Whether sensitive data is masked in log messages.

In certain circumstances it may be beneficial to mask sensitive data, like passwords, in log messages. Set this to true to mask sensitive data. The default is true.

This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.

UseDaemonThreads:   Whether threads created by the class are daemon threads.

If set to True (default), when the class creates a thread, the thread's Daemon property will be explicitly set to True. When set to False, the class will not set the Daemon property on the created thread. The default value is True.

UseInternalSecurityAPI:   Tells the class whether or not to use the system security libraries or an internal implementation.

When set to false, the class will use the system security libraries by default to perform cryptographic functions where applicable.

Setting this setting to true tells the class to use the internal implementation instead of using the system security libraries.

This setting is set to false by default on all platforms.

Trappable Errors (Ofxbatch Class)

XML Errors

101   Invalid attribute index.
102   No attributes available.
103   Invalid namespace index.
104   No namespaces available.
105   Invalid element index.
106   No elements available.
107   Attribute does not exist.
201   Unbalanced element tag.
202   Unknown element prefix (can't find namespace).
203   Unknown attribute prefix (can't find namespace).
204   Invalid XML markup.
205   Invalid end state for parser.
206   Document contains unbalanced elements.
207   Invalid XPath.
208   No such child.
209   Top element does not match start of path.
210   DOM tree unavailable (set BuildDOM to true and reparse).
302   Can't open file.
401   Invalid XML would be generated.
402   An invalid XML name has been specified.

Copyright (c) 2023 4D Payments Inc.
4D E-Banking SDK 2022 Java Edition - Version 22.0 [Build 8593]