public interface DecryptionServer
DecryptionServer
contains CipherVersion
instances
assigned to a namespace.
Depending on the implementation, the DecryptionServer
might as well
contain a number of public keys (for an asymmetric encryption approach) also
assigned to the individual namespaces identifying the owners of the private
keys with which it is secure to communicate.
The DecryptionServer
might access persisted CipherVersion
instances. Depending on the implementation, the CipherVersion
instances to be persisted must be encrypted with the DecryptionServer
's public key. An EncryptionService
having this public key then can
do secure persisting.
Requesting the CipherVersion
instances from the
DecryptionServer
might then be done by authenticating that the
requester is entitled to request the cipher versions by verifying the
signature of a requester's message with the public keys by the
DecryptionServer
and by encrypting the CipherVersion
instances with that according public key. The DecryptionServer
itself
might use an asymmetric encryption approach to decrypt persisted
CipherVersion
instances persisted by the encryption server (and being
encrypted by the EncryptionService
).
A DecryptionServer
's wrapper could be hooked on top the
DecryptionServer
which uses the private key used for encrypting the
ciphers by the EncryptionService
to decrypt the ciphers and encrypts
the ciphers again with a public key from a key pair of an according
DecryptionService
. The DecryptionService
authenticates itself
with a message and a message's signature generated from its according private
key. The DecryptionServer
can validate the signature and use the
trusted public key for encryption. By replacing the implementation of the
DecryptionServer
, the way CipherVersion
instances are
persisted can be changed easily.
Modifier and Type | Method and Description |
---|---|
List<CipherVersion> |
getCipherVersions(String aNamespace,
String aMessage,
String aSignature)
Returns the currently available cipher versions.
|
List<CipherVersion> getCipherVersions(String aNamespace, String aMessage, String aSignature) throws SignatureVerificationException
ObjectOutputStream
. Though the stream is
encrypted with the public key of the message signer.
-------------------------------------------------------------------------
Another approach might not return a stream, it might return a list
containing the cipher versions with the ciphers being encrypted by the
public key. Or a stream is returned which is not encrypted but the
ciphers in the cipher versions carried by the stream.
-------------------------------------------------------------------------aNamespace
- The namespace for which to get the cipher versions.aMessage
- A message to be signed by the requester of the cipher
version.aSignature
- The signature of the requester so that the according
public key for encryption can be determined and the origin can be
verified.SignatureVerificationException
- in case verifying the signature
for the message failed to to no public key found which
successfully verified the signatureCopyright © 2016. All rights reserved.