Class SensitiveKeysParser


  • public class SensitiveKeysParser
    extends java.lang.Object
    Class to generate and parse Sensitive Keys Structures. It also has methods to create the encrypted binary data defined in the Credential Management Protocol 2.0 specification.
    • Field Detail

      • NAMESPACE

        public static java.lang.String NAMESPACE
      • DEFAULT_VERSION

        public static java.lang.String DEFAULT_VERSION
      • SENSITIVE_KEYS_XSD_SCHEMA_RESOURCE_LOCATION

        public static final java.lang.String SENSITIVE_KEYS_XSD_SCHEMA_RESOURCE_LOCATION
        See Also:
        Constant Field Values
    • Constructor Detail

      • SensitiveKeysParser

        public SensitiveKeysParser​(MessageSecurityProvider securityProvider)
                            throws MessageProcessingException
        Constructor for the Sensitive Keys Parser. This is the default way to create a parser; it should not be fetched from the PayloadParserRegistry, since sensitive key data is not a CSMessagePayload.
        Parameters:
        securityProvider - the security provider to use for encrypting and decrypting messages.
        Throws:
        MessageProcessingException - if internal problems occurred initializing the parser.
    • Method Detail

      • genKeyData

        public KeyData genKeyData​(java.security.KeyPair asymmetricKey)
        Method to create a key data for an asymmetric java.security.KeyPair.
        Parameters:
        asymmetricKey - the java.security.KeyPair to convert, never null.
        Returns:
        a newly generated key data.
      • genKeyData

        public KeyData genKeyData​(EncodedKey publicKey,
                                  EncodedKey privateKey)
        Method to create a key data for an asymmetric key.
        Parameters:
        publicKey - the public key of key pair to use, not null.
        privateKey - the private key of key pair to use, not null.
        Returns:
        a newly generated key data.
      • genKeyData

        public KeyData genKeyData​(java.security.Key symmetricKey)
        Method to create a key data for a symmetric java.security.Key.
        Parameters:
        symmetricKey - the symmetric key to use, not null.
        Returns:
        a newly generated key data.
        Throws:
        MessageProcessingException - if date conversion fails.
      • genKeyData

        public KeyData genKeyData​(EncodedKey symmetricKey)
        Method to create a key data for a symmetric key.
        Parameters:
        symmetricKey - the symmetric key to use, not null.
        Returns:
        a newly generated key data.
        Throws:
        MessageProcessingException - if date conversion fails.
      • getSymmetricKey

        public javax.crypto.SecretKey getSymmetricKey​(KeyData keyData)
                                               throws MessageContentException
        Method to recreate the javax.crypto.SecretKey from a key data.
        Parameters:
        keyData - the key data that must contain a symmetric key element.
        Returns:
        a secret key.
        Throws:
        MessageContentException - if key data didn't contain any valid secret key.
      • getAssymmetricKey

        public java.security.KeyPair getAssymmetricKey​(KeyData keyData)
                                                throws MessageContentException
        Method to recreate the java.security.KeyPair from a key data.
        Parameters:
        keyData - the key data that must contain an asymmetric key element.
        Returns:
        a reconstructed key pair.
        Throws:
        MessageContentException - if key data didn't contain any valid key pair or had unsupported algorithms.
      • encodeKey

        protected EncodedKey encodeKey​(java.security.Key key)
      • encryptAndMarshall

        public byte[] encryptAndMarshall​(KeyData key,
                                         java.util.List<java.security.cert.X509Certificate> recipients)
                                  throws MessageContentException,
                                         MessageProcessingException
        Method to serialize and encrypt a sensitive key data to a given list of recipients.

        The key data is first marshalled and then encrypted so that only the holders of the recipients' private keys can decrypt it.

        Parameters:
        key - the sensitive key data to serialize.
        recipients - a list of recipient certificates to encrypt the data to.
        Returns:
        a serialized, encrypted version of the sensitive key data.
        Throws:
        MessageContentException - if the sensitive key data contained invalid content.
        MessageProcessingException - if internal problems occurred marshalling or encrypting the data.
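The following is an added usage example, not code from this page or from the library it documents. It exercises the methods above end to end: it wraps a freshly generated AES key and RSA key pair into KeyData, recovers them with getSymmetricKey and getAssymmetricKey and checks that the key bytes survived the round trip, then encrypts the symmetric key data to one recipient with encryptAndMarshall and checks that neither the raw nor the base64-encoded key bytes appear in the output. The package names in the imports, the MessageSecurityProvider instance and the recipient X509Certificate (both supplied by the caller, for example from the provider's own key store) are assumptions not stated on the page.

```java
// Added example; not part of the documented library. The package names below,
// and how the caller obtains securityProvider and recipient, are assumptions.
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;
import java.util.List;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

import org.certificateservices.messages.MessageContentException;
import org.certificateservices.messages.MessageProcessingException;
import org.certificateservices.messages.MessageSecurityProvider;
import org.certificateservices.messages.sensitivekeys.SensitiveKeysParser;
import org.certificateservices.messages.sensitivekeys.jaxb.KeyData;

public class SensitiveKeysRoundTrip {

    /**
     * Generates an AES key and an RSA key pair, wraps both into KeyData, recovers
     * them again, and encrypts the AES key data to the given recipient.
     * Returns the encrypted, marshalled blob produced by encryptAndMarshall().
     */
    public static byte[] roundTrip(MessageSecurityProvider securityProvider,
                                   X509Certificate recipient)
            throws MessageContentException, MessageProcessingException,
                   GeneralSecurityException {
        SensitiveKeysParser parser = new SensitiveKeysParser(securityProvider);

        // 1. Symmetric key: KeyData -> SecretKey must reproduce the same bytes and algorithm.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();
        KeyData symData = parser.genKeyData(aesKey);           // genKeyData(java.security.Key)
        SecretKey recovered = parser.getSymmetricKey(symData);
        if (!Arrays.equals(aesKey.getEncoded(), recovered.getEncoded())
                || !aesKey.getAlgorithm().equals(recovered.getAlgorithm())) {
            throw new IllegalStateException("symmetric key did not survive the round trip");
        }

        // 2. Asymmetric key pair: same check on the private key encoding.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair rsaPair = kpg.generateKeyPair();
        KeyData asymData = parser.genKeyData(rsaPair);         // genKeyData(java.security.KeyPair)
        KeyPair recoveredPair = parser.getAssymmetricKey(asymData);
        if (!Arrays.equals(rsaPair.getPrivate().getEncoded(),
                           recoveredPair.getPrivate().getEncoded())) {
            throw new IllegalStateException("key pair did not survive the round trip");
        }

        // 3. Encrypt the symmetric key data to the recipient. Only the holder of the
        //    recipient certificate's private key should be able to read it, so the
        //    caller must already trust this certificate before passing it in.
        List<X509Certificate> recipients = Collections.singletonList(recipient);
        byte[] encrypted = parser.encryptAndMarshall(symData, recipients);

        // 4. Leak check a practitioner should make on any "encrypted" blob: the key
        //    must appear neither as raw bytes nor as base64 text in the output.
        byte[] rawKey = aesKey.getEncoded();
        String base64Key = Base64.getEncoder().encodeToString(rawKey);
        String asText = new String(encrypted, StandardCharsets.UTF_8);
        if (containsSubsequence(encrypted, rawKey) || asText.contains(base64Key)) {
            throw new IllegalStateException("key material leaked into the encrypted output");
        }
        return encrypted;
    }

    /** Naive byte-array substring search; sufficient for a one-off check. */
    static boolean containsSubsequence(byte[] haystack, byte[] needle) {
        if (needle.length == 0 || needle.length > haystack.length) {
            return false;
        }
        outer:
        for (int i = 0; i <= haystack.length - needle.length; i++) {
            for (int j = 0; j < needle.length; j++) {
                if (haystack[i + j] != needle[j]) {
                    continue outer;
                }
            }
            return true;
        }
        return false;
    }
}
```

The leak check in step 4 is the part worth keeping in a test suite: a marshalling bug that emits the KeyData before encryption, or an encryption profile that is silently disabled, is caught immediately, whereas a plain "does not throw" test would pass.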