Class PublicKeyDecryptionServerWrapper

java.lang.Object
org.refcodes.forwardsecrecy.PublicKeyDecryptionServerWrapper
All Implemented Interfaces:
DecryptionServer

public class PublicKeyDecryptionServerWrapper extends Object implements DecryptionServer
Wraps a decryption server and provides asymmetric encryption support. This implementation of the DecryptionServer decrypts the retrieved cipher versions with the provided private key and then encrypts them with the one of the loaded public keys that matches the requester (see getCipherVersions). This wrapper assumes that the wrapped decryption server passes encrypted ciphers in its cipher versions.
  • Constructor Details

    • PublicKeyDecryptionServerWrapper

      public PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPublicKeysPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files that do not have the suffix "*.pem" or do not contain the term "pub" in their name are ignored.
      aDecryptionServer - The decryption server from which to retrieve the cipher versions.
      aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
      Throws:
      CryptException - in case the cryptography algorithm had problems.
      IOException - in case of I/O problems
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.
    • PublicKeyDecryptionServerWrapper

      public PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPublicKeysPath, DecryptionServer aDecryptionServer) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files that do not have the suffix "*.pem" or do not contain the term "pub" in their name are ignored.
      aDecryptionServer - The decryption server from which to retrieve the cipher versions.
      Throws:
      CryptException - in case the cryptography algorithm had problems.
      IOException - in case of I/O problems
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.
    • PublicKeyDecryptionServerWrapper

      public PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPrivateKeyPassPhrase, String aPublicKeysPath, DecryptionServer aDecryptionServer) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
      aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files that do not have the suffix "*.pem" or do not contain the term "pub" in their name are ignored.
      aDecryptionServer - The decryption server from which to retrieve the cipher versions.
      Throws:
      CryptException - in case the cryptography algorithm had problems.
      IOException - in case of I/O problems
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.
    • PublicKeyDecryptionServerWrapper

      public PublicKeyDecryptionServerWrapper(String aPrivateKeyPath, String aPrivateKeyPassPhrase, String aPublicKeysPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
      aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files that do not have the suffix "*.pem" or do not contain the term "pub" in their name are ignored.
      aDecryptionServer - The decryption server from which to retrieve the cipher versions.
      aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
      Throws:
      CryptException - in case the cryptography algorithm had problems.
      IOException - in case of I/O problems
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.
  • Method Details

    • getCipherVersions

      public List<CipherVersion> getCipherVersions(String aNamespace, String aMessage, String aSignature) throws SignatureVerificationException
      Returns the currently available cipher versions. An implementation might just make use of an ObjectOutputStream, with the stream being encrypted with the public key of the signer of aMessage. Another approach might not return a stream; it might return a list containing the cipher versions, with the ciphers being encrypted with the public key. Or a stream is returned which is itself not encrypted, while the ciphers in the cipher versions carried by the stream are.
      Specified by:
      getCipherVersions in interface DecryptionServer
      Parameters:
      aNamespace - The namespace for which to get the cipher versions.
      aMessage - A message to be signed by the requester of the cipher version.
      aSignature - The signature of the requester so that the according public key for encryption can be determined and the origin can be verified.
      Returns:
      A list with the currently known cipher versions. The ciphers contained therein might be encrypted!
      Throws:
      SignatureVerificationException - in case verifying the signature for aMessage failed due to no public key being found which successfully verified the signature.
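
The signer lookup that getCipherVersions describes, combined with the constructors' file-name rule, as an added example written against the JDK only; it is not the refcodes implementation. The class and method names, the SHA256withRSA and RSA-OAEP algorithms, case-sensitive name matching, and the constructed key pairs and file names are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.Cipher;

// Added illustration using only the JDK; not the refcodes implementation.
public class SignerKeyLookupExample {
    // File-name rule from the constructor docs; case-sensitive match is an assumption.
    static boolean isPublicKeyFile(String name) {
        return name.endsWith(".pem") && name.contains("pub");
    }

    // Returns the first trusted key that verifies the signature over the message.
    static PublicKey findSigner(List<PublicKey> keys, String msg, byte[] sig)
            throws GeneralSecurityException {
        for (PublicKey key : keys) {
            Signature v = Signature.getInstance("SHA256withRSA"); // assumed algorithm
            v.initVerify(key);
            v.update(msg.getBytes(StandardCharsets.UTF_8));
            try {
                if (v.verify(sig)) return key;
            } catch (SignatureException notThisKey) { /* malformed for this key: keep looking */ }
        }
        throw new SignatureException("no loaded public key verifies the signature");
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair alice = gen.generateKeyPair(), bob = gen.generateKeyPair();
        // Constructed folder listing; the last entry lacks "pub" and is skipped.
        Map<String, PublicKey> folder = new LinkedHashMap<>();
        folder.put("alice_pub.pem", alice.getPublic());
        folder.put("bob_pub.pem", bob.getPublic());
        folder.put("readme.pem", alice.getPublic());
        List<PublicKey> trusted = new ArrayList<>();
        folder.forEach((name, key) -> { if (isPublicKeyFile(name)) trusted.add(key); });
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(bob.getPrivate());
        s.update("constructed-message".getBytes(StandardCharsets.UTF_8));
        PublicKey signer = findSigner(trusted, "constructed-message", s.sign());
        // Re-encrypt a constructed cipher so only the verified requester can read it.
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding"); // assumed
        rsa.init(Cipher.ENCRYPT_MODE, signer);
        byte[] wrapped = rsa.doFinal("sample-cipher".getBytes(StandardCharsets.UTF_8));
        System.out.println(signer.equals(bob.getPublic()) + " " + wrapped.length);
    }
}
```

Because selection is by file name only, every file in the public keys folder that matches the pattern becomes a key a requester can authenticate with, so write access to that folder should be restricted as tightly as access to the private key.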