Module org.refcodes.forwardsecrecy
Package org.refcodes.forwardsecrecy
Class PublicKeyDecryptionServerWrapper
java.lang.Object
org.refcodes.forwardsecrecy.PublicKeyDecryptionServerWrapper
All Implemented Interfaces: DecryptionServer
Wraps a decryption server and provides asymmetric encryption support.
Implementation of the DecryptionServer that provides support for an asymmetric encryption approach. The retrieved cipher versions are decrypted with the provided private key and encrypted with a public key matching one of the public keys. This wrapper assumes that the wrapped decryption server passes encrypted ciphers in its cipher versions.
Constructor Summary
Constructor - Description
PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPrivateKeyPassPhrase, String aPublicKeysPath, DecryptionServer aDecryptionServer) - Constructs the service with the required configuration.
PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPrivateKeyPassPhrase, String aPublicKeysPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) - Constructs the service with the required configuration.
PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPublicKeysPath, DecryptionServer aDecryptionServer) - Constructs the service with the required configuration.
PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPublicKeysPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) - Constructs the service with the required configuration.
Method Summary
Modifier and Type - Method - Description
List<CipherVersion> - getCipherVersions(String aNamespace, String aMessage, String aSignature) - Returns the currently available cipher versions.
Constructor Details
PublicKeyDecryptionServerWrapper
public PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPublicKeysPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
Constructs the service with the required configuration.
CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
Parameters:
aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
aPublicKeysPath - The folder in which the public keys reside. As the folder may contain files that are not public keys, only files with the suffix "*.pem" and the term "pub" in the file name are loaded; all other files are ignored.
aDecryptionServer - The decryption server from which to retrieve the cipher versions.
aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
Throws:
CryptException - in case the cryptography algorithm had problems.
IOException - in case of I/O problems.
NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
InvalidKeySpecException - thrown in case an invalid key spec has been encountered.
PublicKeyDecryptionServerWrapper
public PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPublicKeysPath, DecryptionServer aDecryptionServer) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
Constructs the service with the required configuration.
CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
Parameters:
aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
aPublicKeysPath - The folder in which the public keys reside. As the folder may contain files that are not public keys, only files with the suffix "*.pem" and the term "pub" in the file name are loaded; all other files are ignored.
aDecryptionServer - The decryption server from which to retrieve the cipher versions.
Throws:
CryptException - in case the cryptography algorithm had problems.
IOException - in case of I/O problems.
NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
InvalidKeySpecException - thrown in case an invalid key spec has been encountered.
PublicKeyDecryptionServerWrapper
public PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPrivateKeyPassPhrase, String aPublicKeysPath, DecryptionServer aDecryptionServer) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
Constructs the service with the required configuration.
CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
Parameters:
aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
aPublicKeysPath - The folder in which the public keys reside. As the folder may contain files that are not public keys, only files with the suffix "*.pem" and the term "pub" in the file name are loaded; all other files are ignored.
aDecryptionServer - The decryption server from which to retrieve the cipher versions.
Throws:
CryptException - in case the cryptography algorithm had problems.
IOException - in case of I/O problems.
NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
InvalidKeySpecException - thrown in case an invalid key spec has been encountered.
PublicKeyDecryptionServerWrapper
public PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPrivateKeyPassPhrase, String aPublicKeysPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
Constructs the service with the required configuration.
CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
Parameters:
aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
aPublicKeysPath - The folder in which the public keys reside. As the folder may contain files that are not public keys, only files with the suffix "*.pem" and the term "pub" in the file name are loaded; all other files are ignored.
aDecryptionServer - The decryption server from which to retrieve the cipher versions.
aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
Throws:
CryptException - in case the cryptography algorithm had problems.
IOException - in case of I/O problems.
NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
InvalidKeySpecException - thrown in case an invalid key spec has been encountered.
Method Details
getCipherVersions
public List<CipherVersion> getCipherVersions(String aNamespace, String aMessage, String aSignature) throws SignatureVerificationException
Returns the currently available cipher versions. An implementation might just make use of an ObjectOutputStream, though the stream is then encrypted with the public key of the aMessage signer.
Another approach might not return a stream but a list containing the cipher versions, with the ciphers being encrypted by the public key. Or a stream is returned which is not itself encrypted, while the ciphers in the cipher versions carried by the stream are.
Specified by: getCipherVersions in interface DecryptionServer
Parameters:
aNamespace - The namespace for which to get the cipher versions.
aMessage - A message to be signed by the requester of the cipher version.
aSignature - The signature of the requester so that the corresponding public key for encryption can be determined and the origin can be verified.
Returns:
A list with the currently known cipher versions. The ciphers contained therein might be encrypted!
Throws:
SignatureVerificationException - in case verifying the signature for the aMessage failed due to no public key being found which successfully verified the signature.
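The requester lookup that the aSignature parameter and the class description ("a public key matching one of the public keys") describe, as an added example that is not refcodes code: every configured public key is tried against the signature over the message, and the request fails when none verifies. The class and method names and the SHA256withRSA algorithm are assumptions of this example; the key pairs are throwaway sample data generated at run time.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.List;

public class RequesterKeySelection {

    // Returns the configured public key that verifies the signature over the message.
    // SHA256withRSA is an assumption of this example, not taken from the library.
    static PublicKey selectRequesterKey(List<PublicKey> keys, String message, byte[] signature)
            throws GeneralSecurityException {
        for (PublicKey key : keys) {
            Signature verifier = Signature.getInstance("SHA256withRSA");
            verifier.initVerify(key);
            verifier.update(message.getBytes(StandardCharsets.UTF_8));
            try {
                if (verifier.verify(signature)) return key;
            } catch (SignatureException malformed) {
                // Not a well-formed signature for this key: counts as "does not verify".
            }
        }
        // Fail closed: an unknown requester never gets a default key.
        throw new SignatureException("no configured public key verified the signature");
    }

    // Helper for the demo only: signs the message as a requester would.
    static byte[] sign(KeyPair pair, String message) throws GeneralSecurityException {
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(pair.getPrivate());
        signer.update(message.getBytes(StandardCharsets.UTF_8));
        return signer.sign();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: throwaway key pairs stand in for the public key folder.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair alice = gen.generateKeyPair(), bob = gen.generateKeyPair(), stranger = gen.generateKeyPair();
        List<PublicKey> configured = List.of(alice.getPublic(), bob.getPublic());
        String message = "constructed-challenge-message";

        PublicKey chosen = selectRequesterKey(configured, message, sign(bob, message));
        System.out.println("bob selected: " + chosen.equals(bob.getPublic()));
        try {
            selectRequesterKey(configured, message, sign(stranger, message));
        } catch (SignatureException expected) {
            System.out.println("stranger rejected: " + expected.getMessage());
        }
    }
}
```

Because the set of accepted requesters is whatever "*.pem" files with "pub" in their name sit in the public key folder, write access to that folder decides who can receive re-encrypted ciphers.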