org.refcodes.forwardsecrecy

Class PublicKeyDecryptionServerWrapperImpl

java.lang.Object

org.refcodes.forwardsecrecy.PublicKeyDecryptionServerWrapperImpl

All Implemented Interfaces:

DecryptionServer

public class PublicKeyDecryptionServerWrapperImpl
extends Object
implements DecryptionServer

Wraps a decryption server and provides asymmetric encryption support. Implementation of the DecryptionServer, provides support for an asymmetric encryption approach. The retrieved cipher versions are decrypted with the provided private key and encrypted with a public key matching one of the public keys. This wrapper assumes that the wrapped decryption server passes encrypted ciphers in its cipher versions.

Constructor Summary

Constructors

Constructor and Description
PublicKeyDecryptionServerWrapperImpl(String aPrivateKeyPath, String aPublicKeysPath, DecryptionServer aDecryptionServer) Constructs the service with the required configuration.
PublicKeyDecryptionServerWrapperImpl(String aPrivateKeyPath, String aPublicKeysPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) Constructs the service with the required configuration.
PublicKeyDecryptionServerWrapperImpl(String aPrivateKeyPath, String aPrivateKeyPassPhrase, String aPublicKeysPath, DecryptionServer aDecryptionServer) Constructs the service with the required configuration.
PublicKeyDecryptionServerWrapperImpl(String aPrivateKeyPath, String aPrivateKeyPassPhrase, String aPublicKeysPath, DecryptionServer aDecryptionServer, CipherVersionFactory<CipherVersion> aCipherVersionFactory) Constructs the service with the required configuration.

Method Summary

Modifier and Type	Method and Description
List<CipherVersion>	getCipherVersions(String aNamespace, String aMessage, String aSignature) Returns the currently available cipher versions.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PublicKeyDecryptionServerWrapperImpl

public PublicKeyDecryptionServerWrapperImpl(String aPrivateKeyPath,
                                            String aPublicKeysPath,
                                            DecryptionServer aDecryptionServer,
                                            CipherVersionFactory<CipherVersion> aCipherVersionFactory)
                                     throws edu.vt.middleware.crypt.CryptException,
                                            IOException

Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.

Parameters:

aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.

aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files which do not have the suffix "*.pem" and which have not the term "pub" inside, are ignored.

aDecryptionServer - The decryption server from which to retrieve the cipher versions

aCipherVersionFactory - The factory to be used for creating CipherVersion instances.

Throws:

edu.vt.middleware.crypt.CryptException - in case the cryptography algorithm had problems.

IOException - in case of I/O problems

PublicKeyDecryptionServerWrapperImpl

public PublicKeyDecryptionServerWrapperImpl(String aPrivateKeyPath,
                                            String aPublicKeysPath,
                                            DecryptionServer aDecryptionServer)
                                     throws edu.vt.middleware.crypt.CryptException,
                                            IOException

Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.

Parameters:

aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.

aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files which do not have the suffix "*.pem" and which have not the term "pub" inside, are ignored.

aDecryptionServer - The decryption server from which to retrieve the cipher versions

Throws:

edu.vt.middleware.crypt.CryptException - in case the cryptography algorithm had problems.

IOException - in case of I/O problems

PublicKeyDecryptionServerWrapperImpl

public PublicKeyDecryptionServerWrapperImpl(String aPrivateKeyPath,
                                            String aPrivateKeyPassPhrase,
                                            String aPublicKeysPath,
                                            DecryptionServer aDecryptionServer)
                                     throws edu.vt.middleware.crypt.CryptException,
                                            IOException

Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.

Parameters:

aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.

aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.

aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files which do not have the suffix "*.pem" and which have not the term "pub" inside, are ignored.

aDecryptionServer - The decryption server from which to retrieve the cipher versions

Throws:

edu.vt.middleware.crypt.CryptException - in case the cryptography algorithm had problems.

IOException - in case of I/O problems

PublicKeyDecryptionServerWrapperImpl

public PublicKeyDecryptionServerWrapperImpl(String aPrivateKeyPath,
                                            String aPrivateKeyPassPhrase,
                                            String aPublicKeysPath,
                                            DecryptionServer aDecryptionServer,
                                            CipherVersionFactory<CipherVersion> aCipherVersionFactory)
                                     throws edu.vt.middleware.crypt.CryptException,
                                            IOException

Constructs the service with the required configuration. CAUTION: Regarding the public key files, only files having the suffix "*.pem" and which contain "pub" in the file name are considered for loading.

Parameters:

aPrivateKeyPath - The path on the file system to the private key to be used for decrypting any ciphers passed by the decryption server in CipherVersions retrieved from a storage.

aPrivateKeyPassPhrase - The pass phrase for decrypting the private key.

aPublicKeysPath - The folder in which the public keys reside. As there may be multiple files of which some are not public keys, files which do not have the suffix "*.pem" and which have not the term "pub" inside, are ignored.

aDecryptionServer - The decryption server from which to retrieve the cipher versions

aCipherVersionFactory - The factory to be used for creating CipherVersion instances.

Throws:

edu.vt.middleware.crypt.CryptException - in case the cryptography algorithm had problems.

IOException - in case of I/O problems

Method Detail

getCipherVersions

public List<CipherVersion> getCipherVersions(String aNamespace,
                                             String aMessage,
                                             String aSignature)
                                      throws SignatureVerificationException

Returns the currently available cipher versions. An implementation might just make use of an ObjectOutputStream. Though the stream is encrypted with the public key of the message signer. ------------------------------------------------------------------------- Another approach might not return a stream, it might return a list containing the cipher versions with the ciphers being encrypted by the public key. Or a stream is returned which is not encrypted but the ciphers in the cipher versions carried by the stream. -------------------------------------------------------------------------

Specified by:

getCipherVersions in interface DecryptionServer

Parameters:

aNamespace - The namespace for which to get the cipher versions.

aMessage - A message to be signed by the requester of the cipher version.

aSignature - The signature of the requester so that the according public key for encryption can be determined and the origin can be verified.

Returns:

A list as with the currently known cipher versions. The ciphers contained therein might be encrypted!

Throws:

SignatureVerificationException - in case verifying the signature for the message failed to to no public key found which successfully verified the signature