Package org.refcodes.forwardsecrecy

Class PublicKeyDecryptionServerWrapperImpl

  • All Implemented Interfaces:
    DecryptionServer

    public class PublicKeyDecryptionServerWrapperImpl
extends java.lang.Object
implements DecryptionServer
    Wraps a decryption server and provides asymmetric encryption support. Implementation of the DecryptionServer, provides support for an asymmetric encryption approach. The retrieved cipher versions are decrypted with the provided private key and encrypted with a public key matching one of the public keys. This wrapper assumes that the wrapped decryption server passes encrypted ciphers in its cipher versions.

    • Constructor Detail

      • PublicKeyDecryptionServerWrapperImpl

        public PublicKeyDecryptionServerWrapperImpl​(java.lang.String aPrivateKeyPath,
                                            java.lang.String aPublicKeysPath,
                                            DecryptionServer aDecryptionServer,
                                            CipherVersionFactory<CipherVersion> aCipherVersionFactory)
                                     throws edu.vt.middleware.crypt.CryptException,
                                            java.io.IOException
        Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
        Parameters:
        aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
        aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files which do not have the suffix "*.pem" and which have not the term "pub" inside, are ignored.
        aDecryptionServer - The decryption server from which to retrieve the cipher versions
        aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
        Throws:
        edu.vt.middleware.crypt.CryptException - in case the cryptography algorithm had problems.
        java.io.IOException - in case of I/O problems

      • PublicKeyDecryptionServerWrapperImpl

        public PublicKeyDecryptionServerWrapperImpl​(java.lang.String aPrivateKeyPath,
                                            java.lang.String aPublicKeysPath,
                                            DecryptionServer aDecryptionServer)
                                     throws edu.vt.middleware.crypt.CryptException,
                                            java.io.IOException
        Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
        Parameters:
        aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
        aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files which do not have the suffix "*.pem" and which have not the term "pub" inside, are ignored.
        aDecryptionServer - The decryption server from which to retrieve the cipher versions
        Throws:
        edu.vt.middleware.crypt.CryptException - in case the cryptography algorithm had problems.
        java.io.IOException - in case of I/O problems

      • PublicKeyDecryptionServerWrapperImpl

        public PublicKeyDecryptionServerWrapperImpl​(java.lang.String aPrivateKeyPath,
                                            java.lang.String aPrivateKeyPassPhrase,
                                            java.lang.String aPublicKeysPath,
                                            DecryptionServer aDecryptionServer)
                                     throws edu.vt.middleware.crypt.CryptException,
                                            java.io.IOException
        Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
        Parameters:
        aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
        aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
        aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files which do not have the suffix "*.pem" and which have not the term "pub" inside, are ignored.
        aDecryptionServer - The decryption server from which to retrieve the cipher versions
        Throws:
        edu.vt.middleware.crypt.CryptException - in case the cryptography algorithm had problems.
        java.io.IOException - in case of I/O problems

      • PublicKeyDecryptionServerWrapperImpl

        public PublicKeyDecryptionServerWrapperImpl​(java.lang.String aPrivateKeyPath,
                                            java.lang.String aPrivateKeyPassPhrase,
                                            java.lang.String aPublicKeysPath,
                                            DecryptionServer aDecryptionServer,
                                            CipherVersionFactory<CipherVersion> aCipherVersionFactory)
                                     throws edu.vt.middleware.crypt.CryptException,
                                            java.io.IOException
        Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
        Parameters:
        aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
        aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
        aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files which do not have the suffix "*.pem" and which have not the term "pub" inside, are ignored.
        aDecryptionServer - The decryption server from which to retrieve the cipher versions
        aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
        Throws:
        edu.vt.middleware.crypt.CryptException - in case the cryptography algorithm had problems.
        java.io.IOException - in case of I/O problems

    • Method Detail

      • getCipherVersions

        public java.util.List<CipherVersion> getCipherVersions​(java.lang.String aNamespace,
                                                       java.lang.String aMessage,
                                                       java.lang.String aSignature)
                                                throws SignatureVerificationException
        Returns the currently available cipher versions. An implementation might just make use of an ObjectOutputStream. Though the stream is encrypted with the public key of the message signer. ------------------------------------------------------------------------- Another approach might not return a stream, it might return a list containing the cipher versions with the ciphers being encrypted by the public key. Or a stream is returned which is not encrypted but the ciphers in the cipher versions carried by the stream. -------------------------------------------------------------------------
        Specified by:
        getCipherVersions in interface DecryptionServer
        Parameters:
        aNamespace - The namespace for which to get the cipher versions.
        aMessage - A message to be signed by the requester of the cipher version.
        aSignature - The signature of the requester so that the according public key for encryption can be determined and the origin can be verified.
        Returns:
        A list as with the currently known cipher versions. The ciphers contained therein might be encrypted!
        Throws:
        SignatureVerificationException - in case verifying the signature for the message failed to to no public key found which successfully verified the signature