IPKIHandler is an interface for easily handling the Public Key Infrastructure (PKI) in a LARS environment.
Field Summary | |
static String |
DATA_KEYS
the Map key to store the data-keys list |
static Integer |
DECRYPT
PKI-Handling type to decrypt messages |
static Integer |
DECRYPT_VERIFY
PKI-Handling type to decrypt and verify signatures in messages |
static Integer |
ENCRYPT
PKI-Handling type to encrypt messages |
static String |
ENCRYPTED
the Map key to store the encrypted data |
static String[] |
PKI_TYPES
contains the pkiType names of the run levels |
static Integer |
SIGN
PKI-Handling type to sign messages |
static Integer |
SIGN_ENCRYPT
PKI-Handling type to sign and encrypt messages |
static String |
SIGNATURE
the Map key to store the signature |
static Integer |
VERIFY
PKI-Handling type to verify signatures in messages |
static String |
VERIFY_FLAG
the Map key to store the verify flag |
static Integer |
VERIFY_FLAG_FAILED
a value of the VERIFY_FLAG which means that the signature verification failed |
static Integer |
VERIFY_FLAG_SUCCESS
a value of the VERIFY_FLAG which means that the signature verification was successful |
static String |
VERIFY_MESSAGE
the Map key to store the verify message |
Method Summary | |
void |
checkTheValidityOfCachedCertificate(byte[] oneCachedCertificate)
This method takes a byte array representation of a certificate and checks it against the current date. If OK, nothing is returned; if not, an exception is thrown. |
Message |
doReceivingPKIHandling(Message currentMessage)
Does the PKI handling for incoming messages (decrypting and/or validating signatures of the given message-content). PKI handling means: - Check whether the current service has to be handled - Doing the PKI-handling if necessary - Returning of the modified message (which is actually the reference on the given message) |
Message |
doSendingPKIHandling(Message currentMessage)
Does the PKI handling for incoming messages (signing and/or encrypting of the given message-content). PKI handling means: - Check whether the current service has to be handled - Doing the PKI-handling if necessary - Returning of the modified message (which is actually the reference on the given message) |
ArrayList |
getInvalidPublicKeyCertificates(HashMap thePublicKeyCertificateCache)
Get the list of keys whose certificates are no longer valid. |
Date |
getNextCRLUpdateDate()
This method returns the date of next CRL update. |
byte[] |
getOwnPublicKeyCertificate()
Gets the PublicKey Certificate as byte-array. |
byte[] |
getPKICertificate(Map userData)
Get a certificate of a user. |
String |
getRegisteredPKIMessages()
Gets all previously registered message subjects for tracing purposes. |
void |
setForeignPublicKeyCertificate(String keyID,
String certificateFileName,
String directoryName)
Sets a Foreign Public Key Certificate. |
void |
setOwnPublicKeyCertificate(String certificateFileName,
String directoryName)
Sets the own Public Key Certificate |
void |
setPKIMessage(String subject,
Integer pkiType,
List dataKeys)
Sets a message subject which later has to be signed, verified, encrypted, decrypted, signed and encrypted, or decrypted and verified (controlled by the pkiType). |
void |
setPKIProvider(String className)
Loads the PKI-Provider by the given className. |
void |
setPrivateKey(String privateKeyFileName,
String directoryName,
String password)
Sets the Private Key which is later used to encrypt or to sign data. |
void |
setPublicPKIServer(Map publicPKIServerParameters)
Sets the parameters for getting certificates/public keys from a public PKI server. |
Field Detail |
public static final Integer SIGN
public static final Integer ENCRYPT
public static final Integer SIGN_ENCRYPT
public static final Integer DECRYPT
public static final Integer VERIFY
public static final Integer DECRYPT_VERIFY
public static final String[] PKI_TYPES
public static final String DATA_KEYS
public static final String SIGNATURE
public static final String ENCRYPTED
public static final String VERIFY_MESSAGE
public static final String VERIFY_FLAG
public static final Integer VERIFY_FLAG_SUCCESS
public static final Integer VERIFY_FLAG_FAILED
Method Detail |
public void setPKIProvider(String className) throws IllegalArgumentException
className - the class name of the wanted PKI-Provider (e.g. "com.ls.pki.BaltimorePKIUtils")
IllegalArgumentException - If an incorrect argument caused an error

public void setPrivateKey(String privateKeyFileName, String directoryName, String password) throws IllegalArgumentException, PKIBaseException
privateKeyFileName - the file name of one's private key
directoryName - the directory name where the private key file resides
password - the password to activate one's private key
IllegalArgumentException - If an incorrect argument caused an error
PKIBaseException - If a PKI error occurs

public void setOwnPublicKeyCertificate(String certificateFileName, String directoryName) throws IllegalArgumentException, PKIBaseException
certificateFileName - the file name of one's certificate (contains the public key)
directoryName - the directory name where the certificate file resides
IllegalArgumentException - If an incorrect argument caused an error
PKIBaseException - If a PKI error occurs

public byte[] getOwnPublicKeyCertificate() throws PKIBaseException
PKIBaseException - If a PKI error occurs (PublicKey Certificate wasn't set before)

public void setForeignPublicKeyCertificate(String keyID, String certificateFileName, String directoryName) throws IllegalArgumentException, PKIBaseException
keyID - the id to access the public key certificate from the PublicKeyCache
certificateFileName - the file name of one's certificate (contains the public key)
directoryName - the directory name where the certificate file resides
IllegalArgumentException - If an incorrect argument caused an error
PKIBaseException - If a PKI error occurs

public void setPKIMessage(String subject, Integer pkiType, List dataKeys) throws IllegalArgumentException
subject - the message subject
pkiType - controls what happens later with the corresponding subject
dataKeys - contains the data keys that have to be processed for a certain sending action
IllegalArgumentException - If an incorrect argument caused an error (pkiType doesn't exist or subject already set)

public String getRegisteredPKIMessages()

public Message doReceivingPKIHandling(Message currentMessage) throws PKIBaseException
PKI handling means:
- Check whether the current service has to be handled
- Doing the PKI-handling if necessary
- Returning of the modified message (which is actually the reference on the given message)
currentMessage - the current message
PKIBaseException - If a PKI error occurs

public Message doSendingPKIHandling(Message currentMessage) throws PKIBaseException
PKI handling means:
- Check whether the current service has to be handled
- Doing the PKI-handling if necessary
- Returning of the modified message (which is actually the reference on the given message)
currentMessage - the current message
PKIBaseException - If a PKI error occurs

public void setPublicPKIServer(Map publicPKIServerParameters) throws PKIBaseException, IllegalArgumentException
publicPKIServerParameters - Map which contains the needed parameters (needed parameters for Baltimore: String hostName, String port, String userNamePKIServer, String passwordPKIServer, String CACertificateFileName, String directoryName)
PKIBaseException - If a PKI error occurs
IllegalArgumentException - If the publicPKIServerParameters isn't correctly filled

public byte[] getPKICertificate(Map userData) throws PKIBaseException, IllegalArgumentException
userData - contains the needed userData to specify the user. For instance CN=John Smith,OU=Development,O=Living Systems,C=DE.
PKIBaseException - If a PKI error occurs
IllegalArgumentException - If an illegal argument exception occurs

public void checkTheValidityOfCachedCertificate(byte[] oneCachedCertificate) throws PKIBaseException
oneCachedCertificate - a byte array representation of a certificate
PKIBaseException - If the certificate's validity has expired or it will only become valid in the future

public ArrayList getInvalidPublicKeyCertificates(HashMap thePublicKeyCertificateCache) throws PKIBaseException
thePublicKeyCertificateCache - the cache of public key certificates
PKIBaseException - If a PKI error occurs

public Date getNextCRLUpdateDate() throws PKIBaseException
PKIBaseException - If an LDAP exception happens.