Package org.certificateservices.messages

Interface MessageSecurityProvider

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      java.security.cert.X509Certificate getDecryptionCertificate​(java.lang.String keyId)
      Fetches the decryption certificate of related key id.
      java.security.cert.X509Certificate[] getDecryptionCertificateChain​(java.lang.String keyId)
      Fetches the decryption certificate chain of related key id can be one or more in size..
      java.security.PrivateKey getDecryptionKey​(java.lang.String keyId)
      Fetches a private key given it's unique identifier.
      java.util.Set<java.lang.String> getDecryptionKeyIds()
      Returns key identifiers of all available decryption keys.
      EncryptionAlgorithmScheme getEncryptionAlgorithmScheme()
      Method to fetch the EncryptionAlgorithmScheme to use when encrypting messages.
      java.lang.String getProvider()
      Method to retrieve JCE provider that should be used with keys provided by this provider.
      SigningAlgorithmScheme getSigningAlgorithmScheme()
      Method to fetch the SigningAlgorithmScheme to use when signing messages.
      java.security.cert.X509Certificate getSigningCertificate()
      Fetches the signing certificate used to create the digital signatures of the XML file.
      java.security.PrivateKey getSigningKey()
      Fetches the signing key used to create the digital signatures of the XML file.
      boolean isValidAndAuthorized​(java.security.cert.X509Certificate signCertificate, java.lang.String organisation)
      Method in charge of validating a certificate used to sign a PKI message and also check if the certificate is authorized to generate messages.

    • Field Detail

      • DEFAULT_DECRYPTIONKEY

        static final java.lang.String DEFAULT_DECRYPTIONKEY

    • Method Detail

      • getSigningKey

        java.security.PrivateKey getSigningKey()
                                throws MessageProcessingException
        Fetches the signing key used to create the digital signatures of the XML file.
        Returns:
        the signing key used.
        Throws:
        MessageProcessingException - if key isn't accessible or activated.

      • getSigningCertificate

        java.security.cert.X509Certificate getSigningCertificate()
                                                  throws MessageProcessingException
        Fetches the signing certificate used to create the digital signatures of the XML file.
        Returns:
        the signing certificate used.
        Throws:
        MessageProcessingException - if certificate isn't accessible.

      • getDecryptionKey

        java.security.PrivateKey getDecryptionKey​(java.lang.String keyId)
                                   throws MessageProcessingException
        Fetches a private key given it's unique identifier.
        Parameters:
        keyId - unique identifier of the key, if null should a default key be retrieved
        Returns:
        the related decryption key.
        Throws:
        MessageProcessingException

      • getDecryptionCertificate

        java.security.cert.X509Certificate getDecryptionCertificate​(java.lang.String keyId)
                                                     throws MessageProcessingException
        Fetches the decryption certificate of related key id.
        Parameters:
        keyId - unique identifier of the key, if null should a default key certificate be retrieved
        Returns:
        the related decryption certificate.
        Throws:
        MessageProcessingException - if certificate isn't accessible.

      • getDecryptionCertificateChain

        java.security.cert.X509Certificate[] getDecryptionCertificateChain​(java.lang.String keyId)
                                                            throws MessageProcessingException
        Fetches the decryption certificate chain of related key id can be one or more in size..
        Parameters:
        keyId - unique identifier of the key, if null should a default key certificate be retrieved
        Returns:
        the related decryption certificate chain
        Throws:
        MessageProcessingException - if certificate isn't accessible.

      • getDecryptionKeyIds

        java.util.Set<java.lang.String> getDecryptionKeyIds()
                                             throws MessageProcessingException
        Returns key identifiers of all available decryption keys.
        Returns:
        key identifiers of all available decryption keys.
        Throws:
        MessageProcessingException

      • isValidAndAuthorized

        boolean isValidAndAuthorized​(java.security.cert.X509Certificate signCertificate,
                             java.lang.String organisation)
                      throws java.lang.IllegalArgumentException,
                             MessageProcessingException
        Method in charge of validating a certificate used to sign a PKI message and also check if the certificate is authorized to generate messages.
        Parameters:
        signCertificate - the certificate used to sign the message.
        organisation - the related organisation to the message, null if no organisation lookup should be done.
        Returns:
        true if the sign certificate is valid and authorized to sign messages.
        Throws:
        java.lang.IllegalArgumentException - if arguments were invalid.
        MessageProcessingException - if internal error occurred validating the certificate.

      • getProvider

        java.lang.String getProvider()
        Method to retrieve JCE provider that should be used with keys provided by this provider.
        Returns:
        name of an JCE Provider that should be installed prior to usage of this MessageSecurityProvider if null should the JRE configured list of security providers be used.