Package org.certificateservices.messages

Interface ContextMessageSecurityProvider

    • Method Detail

      • getDecryptionCertificate

        java.security.cert.X509Certificate getDecryptionCertificate​(ContextMessageSecurityProvider.Context context,
                                                            java.lang.String keyId)
                                                     throws MessageProcessingException
        Fetches the decryption certificate of related key id.
        Parameters:
        context - the related context, null for default context.
        keyId - unique identifier of the key, if null should a default key certificate be retrieved
        Returns:
        the related decryption certificate.
        Throws:
        MessageProcessingException - if certificate isn't accessible.

      • getDecryptionCertificateChain

        java.security.cert.X509Certificate[] getDecryptionCertificateChain​(ContextMessageSecurityProvider.Context context,
                                                                   java.lang.String keyId)
                                                            throws MessageProcessingException
        Fetches the decryption certificate chain of related key id can be one or more in size.
        Parameters:
        context - the related context, null for default context.
        keyId - unique identifier of the key, if null should a default key certificate be retrieved
        Returns:
        the related decryption certificate chain
        Throws:
        MessageProcessingException - if certificate isn't accessible.

      • isValidAndAuthorized

        boolean isValidAndAuthorized​(ContextMessageSecurityProvider.Context context,
                             java.security.cert.X509Certificate signCertificate,
                             java.lang.String organisation)
                      throws java.lang.IllegalArgumentException,
                             MessageProcessingException
        Method in charge of validating a certificate used to sign a PKI message and also check if the certificate is authorized to generate messages.
        Parameters:
        context - the related context, null for default context.
        signCertificate - the certificate used to sign the message.
        organisation - the related organisation to the message, null if no organisation lookup should be done.
        Returns:
        true if the sign certificate is valid and authorized to sign messages.
        Throws:
        java.lang.IllegalArgumentException - if arguments were invalid.
        MessageProcessingException - if internal error occurred validating the certificate.

      • getProvider

        java.lang.String getProvider​(ContextMessageSecurityProvider.Context context)
        Method to retrieve JCE provider that should be used with keys provided by this provider.
        Returns:
        name of an JCE Provider that should be installed prior to usage of this MessageSecurityProvider if null should the JRE configured list of security providers be used.