- All Known Implementing Classes: InMemoryDecryptionServer, PublicKeyDecryptionServerWrapper
The DecryptionServer contains CipherVersion instances assigned to a namespace. Depending on the implementation, the DecryptionServer might also contain a number of public keys (for an asymmetric encryption approach), likewise assigned to the individual namespaces, identifying the owners of the private keys with which it is secure to communicate.

The DecryptionServer might access persisted CipherVersion instances. Depending on the implementation, the CipherVersion instances to be persisted must be encrypted with the DecryptionServer's public key. An EncryptionService having this public key can then persist them securely.

Requesting the CipherVersion instances from the DecryptionServer might then work as follows: the DecryptionServer authenticates that the requester is entitled to request the cipher versions by verifying the signature of the requester's message against the public keys it holds, and it encrypts the CipherVersion instances with the public key that verified the signature. The DecryptionServer itself might use an asymmetric encryption approach to decrypt persisted CipherVersion instances persisted by the encryption server (and encrypted by the EncryptionService).

A DecryptionServer wrapper could be hooked on top of the DecryptionServer. The wrapper uses the private key belonging to the public key with which the EncryptionService encrypted the ciphers to decrypt them, and encrypts the ciphers again with a public key from the key pair of the according DecryptionService. The DecryptionService authenticates itself with a message and the message's signature generated from its according private key. The DecryptionServer can validate the signature and use the trusted public key for encryption. By replacing the implementation of the DecryptionServer, the way CipherVersion instances are persisted can be changed easily.
- Method Summary
Modifier and Type | Method | Description
List<CipherVersion> | getCipherVersions(String aNamespace, String aMessage, String aSignature) | Returns the currently available cipher versions.
- Method Details
- getCipherVersions
List<CipherVersion> getCipherVersions(String aNamespace, String aMessage, String aSignature) throws SignatureVerificationException
Returns the currently available cipher versions. An implementation might just make use of an ObjectOutputStream, though the stream is then encrypted with the public key of the message signer.
Another approach might not return a stream; it might return a list containing the cipher versions, with the ciphers being encrypted by the public key. Or a stream is returned which is itself not encrypted, while the ciphers in the cipher versions carried by the stream are.
- Parameters:
aNamespace - The namespace for which to get the cipher versions.
aMessage - A message to be signed by the requester of the cipher version.
aSignature - The signature of the requester, so that the according public key for encryption can be determined and the origin can be verified.
- Returns:
A list with the currently known cipher versions. The ciphers contained therein might be encrypted!
- Throws:
SignatureVerificationException - in case verifying the signature for the message failed because no public key was found which successfully verified the signature
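The request flow described for getCipherVersions, as a stand-alone sketch: the signature is checked against every public key trusted for the namespace, and the ciphers are encrypted only for the key that verified it. This is an added example, not the library's own code. Assumptions: the class and helper names, RSA with SHA256withRSA and OAEP, Base64-encoded signatures, plain strings standing in for CipherVersion, and java.security.SignatureException standing in for SignatureVerificationException.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.Cipher;
// Added sketch: every name below is hypothetical, not the library's own API.
public class SignedCipherRequestSketch {
    final Map<String, List<PublicKey>> trusted = new HashMap<>(); // requester keys per namespace
    final Map<String, List<String>> secrets = new HashMap<>();    // stored ciphers per namespace

    List<byte[]> getCipherVersions(String ns, String message, String signatureB64) throws GeneralSecurityException {
        for (PublicKey key : trusted.getOrDefault(ns, List.of())) {
            if (!verifies(key, message, signatureB64)) continue; // try the next trusted key
            Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            rsa.init(Cipher.ENCRYPT_MODE, key); // encrypt only for the key that verified
            List<byte[]> out = new ArrayList<>();
            for (String s : secrets.getOrDefault(ns, List.of())) out.add(rsa.doFinal(s.getBytes(StandardCharsets.UTF_8)));
            return out;
        }
        throw new SignatureException("no trusted key of namespace " + ns + " verified the signature");
    }
    static boolean verifies(PublicKey key, String message, String signatureB64) throws GeneralSecurityException {
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(key);
        verifier.update(message.getBytes(StandardCharsets.UTF_8));
        try { return verifier.verify(Base64.getDecoder().decode(signatureB64)); }
        catch (SignatureException | IllegalArgumentException malformed) { return false; } // bad length or Base64
    }
    static String sign(KeyPair pair, String message) throws GeneralSecurityException {
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(pair.getPrivate());
        signer.update(message.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(signer.sign());
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair requester = gen.generateKeyPair(), outsider = gen.generateKeyPair();
        SignedCipherRequestSketch server = new SignedCipherRequestSketch();
        server.trusted.put("billing", List.of(requester.getPublic()));     // constructed sample data
        server.secrets.put("billing", List.of("constructed-sample-secret"));
        String message = "constructed request message";
        byte[] sealed = server.getCipherVersions("billing", message, sign(requester, message)).get(0);
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.DECRYPT_MODE, requester.getPrivate());
        System.out.println(new String(rsa.doFinal(sealed), StandardCharsets.UTF_8));
        try { server.getCipherVersions("billing", message, sign(outsider, message)); }
        catch (SignatureException rejected) { System.out.println("rejected: " + rejected.getMessage()); }
    }
}
```

Because the response is encrypted for the verifying key, a replayed message and signature yields only ciphertext that cannot be read without the requester's private key.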