Module org.refcodes.forwardsecrecy
Package org.refcodes.forwardsecrecy

Class PublicKeyDecryptionService

java.lang.Object
org.refcodes.forwardsecrecy.AbstractDecryptionService
org.refcodes.forwardsecrecy.PublicKeyDecryptionService
All Implemented Interfaces:
DecryptionService
public class PublicKeyDecryptionService extends AbstractDecryptionService
The DecryptionService retrieves CipherVersion instances from the DecryptionServer and is decrypting the ciphers contained in the CipherVersion instances with a private key.

  • Constructor Details

    • PublicKeyDecryptionService

      public PublicKeyDecryptionService(String aNamespece, String aPrivateKeyPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required services and configuration.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aDecryptionServer - The decryption server for accessing the cipher versions
      aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
      Throws:
      IOException - in case of I/O problems
      CryptException - in case the cryptography algorithm had problems.
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.

    • PublicKeyDecryptionService

      public PublicKeyDecryptionService(String aNamespece, String aPrivateKeyPath, DecryptionServer aDecryptionServer) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required services and configuration.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aDecryptionServer - The decryption server for accessing the cipher versions
      Throws:
      IOException - in case of I/O problems
      CryptException - in case the cryptography algorithm had problems.
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.

    • PublicKeyDecryptionService

      public PublicKeyDecryptionService(String aNamespece, String aPrivateKeyPath, String aPrivateKeyPassPhrase, DecryptionServer aDecryptionServer) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required services and configuration.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
      aDecryptionServer - The decryption server for accessing the cipher versions
      Throws:
      IOException - in case of I/O problems
      CryptException - in case the cryptography algorithm had problems.
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.

    • PublicKeyDecryptionService

      public PublicKeyDecryptionService(String aNamespece, String aPrivateKeyPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory, long aCipherVersionsExpireTimeMillis) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required services and configuration.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aDecryptionServer - The decryption server for accessing the cipher versions
      aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
      aCipherVersionsExpireTimeMillis - The time in milliseconds after which them loaded cipher versions expire and are reloaded. A value of 0 indicates that them cipher versions expire immediately (default). A value of -1 indicate that them cipher versions expire never.
      Throws:
      IOException - in case of I/O problems
      CryptException - in case the cryptography algorithm had problems.
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.

    • PublicKeyDecryptionService

      public PublicKeyDecryptionService(String aNamespece, String aPrivateKeyPath, DecryptionServer aDecryptionServer, long aCipherVersionsExpireTimeMillis) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required services and configuration.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aDecryptionServer - The decryption server for accessing the cipher versions
      aCipherVersionsExpireTimeMillis - The time in milliseconds after which them loaded cipher versions expire and are reloaded. A value of 0 indicates that them cipher versions expire immediately (default). A value of -1 indicate that them cipher versions expire never.
      Throws:
      IOException - in case of I/O problems
      CryptException - in case the cryptography algorithm had problems.
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.

    • PublicKeyDecryptionService

      public PublicKeyDecryptionService(String aNamespece, String aPrivateKeyPath, String aPrivateKeyPassPhrase, DecryptionServer aDecryptionServer, long aCipherVersionsExpireTimeMillis) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required services and configuration.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
      aDecryptionServer - The decryption server for accessing the cipher versions
      aCipherVersionsExpireTimeMillis - The time in milliseconds after which them loaded cipher versions expire and are reloaded. A value of 0 indicates that them cipher versions expire immediately (default). A value of -1 indicate that them cipher versions expire never.
      Throws:
      IOException - in case of I/O problems
      CryptException - in case the cryptography algorithm had problems.
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.

    • PublicKeyDecryptionService

      public PublicKeyDecryptionService(String aNamespece, String aPrivateKeyPath, String aPrivateKeyPassPhrase, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory, long aCipherVersionsExpireTimeMillis) throws CryptException, IOException, InvalidKeySpecException, NoSuchAlgorithmException
      Constructs the service with the required services and configuration.
      Parameters:
      aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.
      aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.
      aDecryptionServer - The decryption server for accessing the cipher versions
      aCipherVersionFactory - The factory to be used for creating CipherVersion instances.
      aCipherVersionsExpireTimeMillis - The time in milliseconds after which them loaded cipher versions expire and are reloaded. A value of 0 indicates that them cipher versions expire immediately (default). A value of -1 indicate that them cipher versions expire never.
      Throws:
      IOException - in case of I/O problems
      CryptException - in case the cryptography algorithm had problems.
      NoSuchAlgorithmException - thrown in case the cryptographic algorithm was not found.
      InvalidKeySpecException - thrown in case an invalid key spec has been encountered.

  • Method Details

    • toSignature

      protected String toSignature(String aMessage)
      Creates a signature for the given aMessage.
      Specified by:
      toSignature in class AbstractDecryptionService
      Parameters:
      aMessage - The aMessage for which a signature is to be generated
      Returns:
      The signature for the aMessage

    • createMessage

      protected String createMessage()
      Creates a aMessage for which a signature is to be created in order to authenticate for the retrieval of the cipher versions. A decryption server should deny any requests to get cipher versions in case the same aMessage is used twice.
      Specified by:
      createMessage in class AbstractDecryptionService
      Returns:
      The aMessage

    • toDecryptedCipherVersion

      protected <CV extends CipherVersion> CV toDecryptedCipherVersion(CV aEncyrptedCipherVersion)
      To decrypted cipher version.
      Specified by:
      toDecryptedCipherVersion in class AbstractDecryptionService
      Type Parameters:
      CV - the generic type
      Parameters:
      aEncyrptedCipherVersion - the encyrpted cipher version
      Returns:
      the cv