public interface SecurityService
Before using this service, there are a number of prerequisites that have to be fulfilled. They are, in no particular order
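A code example follows:

```java
// Obtain a service instance and register the keystore that holds the keys.
SecurityService s = SecurityFactory.createService();
KeystoreLocation ksi = KeystoreFactory.getDefault()
    .create("file:///testKeyStore?type=JKS",
            "password".toCharArray());
s.registerKeystore(ksi);
// Our alias (with its password) and the partner's alias.
Alias src = new Alias("myalias", "mypassword");
Alias partner = new Alias("theiralias");
// Encrypt the payload for the partner and print the result.
Output target = s.encrypt("abcdefg".getBytes(), src, partner);
System.out.println(target.getAsString());
```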
See Also: KeystoreLocation
Modifier and Type | Method and Description |
---|---|
Output | `encrypt(byte[] payload, Alias us, Alias partner)`: Encrypt the given string into the Output object. |
Output | `encrypt(java.lang.String payload, Alias us, Alias partner)`: Encrypt the given string into the Output object. |
void | `registerKeystore(ConfiguredKeystore k)`: Register a keystore object for use during encryption, sign and verify. |
void | `removeKeystore(ConfiguredKeystore k)`: Remove a keystore from the underlying map. |
void | `setEncryptionAlgorithm(EncryptionAlgorithm a)`: Set the encryption algorithm. |
Output | `sign(byte[] payload, Alias us)`: Sign the payload with the private key specified by Alias. |
Output | `sign(byte[] payload, Alias us, Output target)`: Sign the payload with the private key specified by Alias. |
Output | `sign(java.lang.String payload, Alias us)`: Sign the payload with the private key specified by Alias. |
Output | `sign(java.lang.String payload, Alias us, Output target)`: Sign the payload with the private key specified by Alias. |
Output | `verify(byte[] payload, Alias us, Alias partner)`: Decrypt the given bytes into the Output object. |
Output | `verify(java.lang.String payload, Alias us, Alias partner)`: Decrypt the given string into the Output object. |
void setEncryptionAlgorithm(EncryptionAlgorithm a) throws AdaptrisSecurityException

Using this method will override the algorithm that is specified by the partner's public key. Generally, asymmetric keys are considered computationally intensive, so a symmetric key is used to encrypt the payload, and this key is encrypted asymmetrically and sent along with the message itself.

Parameters:
a - the algorithm to be used for encryption purposes.

Throws:
AdaptrisSecurityException - wrapping any underlying exception

See Also: EncryptionAlgorithm
void registerKeystore(ConfiguredKeystore k) throws AdaptrisSecurityException

If this method is called multiple times, then all keystores that have been registered will be searched for a matching certificate or private key.

Parameters:
k - the KeystoreLocation object to register.

Throws:
AdaptrisSecurityException - wrapping any underlying exception

See Also: KeystoreLocation
void removeKeystore(ConfiguredKeystore k) throws AdaptrisSecurityException

Parameters:
k - the KeystoreLocation object to remove.

Throws:
AdaptrisSecurityException - wrapping any underlying exception

Output encrypt(byte[] payload, Alias us, Alias partner) throws AdaptrisSecurityException

Parameters:
payload - the unencrypted payload.
us - a reference to the alias within the keystore to be used
partner - a reference to the alias within the keystore to be used

Throws:
AdaptrisSecurityException - wrapping any exception

See Also: Alias, Output
Output encrypt(java.lang.String payload, Alias us, Alias partner) throws AdaptrisSecurityException

This is a convenience method that simply returns `this.encrypt(payload.getBytes(), us, partner)`. No attempt is made to handle character encoding; the platform default charset is used.

Parameters:
payload - the unencrypted payload.
us - a reference to the alias within the keystore to be used
partner - a reference to the alias within the keystore to be used

Throws:
AdaptrisSecurityException - wrapping any exception

See Also: Alias, Output, encrypt(byte[], Alias, Alias)
Output verify(java.lang.String payload, Alias us, Alias partner) throws AdaptrisSecurityException

This is a convenience method that simply returns `this.verify(payload.getBytes(), us, partner)`. No attempt is made to handle character encoding; the platform default charset is used.

Parameters:
payload - the payload in the appropriate format for this SecurityService instance.
us - a reference to the alias within the keystore to be used
partner - a reference to the alias within the keystore to be used

Throws:
AdaptrisSecurityException - for any exception

See Also: Alias, Output, verify(byte[], Alias, Alias)
Output verify(byte[] payload, Alias us, Alias partner) throws AdaptrisSecurityException

Decrypt the given bytes into the Output object. This will also verify that the signature (if provided) is correct.

Parameters:
payload - the payload in the appropriate format for this SecurityService instance.
us - a reference to the alias within the keystore to be used
partner - a reference to the alias within the keystore to be used

Throws:
AdaptrisSecurityException - for any exception

See Also: Alias, Output
Output sign(byte[] payload, Alias us, Output target) throws AdaptrisSecurityException

Sign the payload with the private key specified by Alias.

Parameters:
payload - the unencrypted data to be signed.
us - a reference to the alias within the keystore to be used for signing
target - the target which was returned by a previous encryption request

Throws:
AdaptrisSecurityException - for any exception

See Also: Alias, Output
Output sign(java.lang.String payload, Alias us, Output target) throws AdaptrisSecurityException

Sign the payload with the private key specified by Alias.

This is a convenience method that simply returns `this.sign(payload.getBytes(), us, target)`. No attempt is made to handle character encoding; the platform default charset is used.

Parameters:
payload - the unencrypted data to be signed.
us - a reference to the alias within the keystore to be used for signing
target - the target which was returned by a previous encryption request

Throws:
AdaptrisSecurityException - for any exception

See Also: Alias, Output, sign(byte[], Alias, Output)
Output sign(byte[] payload, Alias us) throws AdaptrisSecurityException

Sign the payload with the private key specified by Alias.

Parameters:
payload - the unencrypted data to be signed.
us - a reference to the alias within the keystore to be used for signing

Throws:
AdaptrisSecurityException - for any exception

See Also: Alias, Output
Output sign(java.lang.String payload, Alias us) throws AdaptrisSecurityException

Sign the payload with the private key specified by Alias.

This is a convenience method that simply returns `this.sign(payload.getBytes(), us)`. No attempt is made to handle character encoding; the platform default charset is used.

Parameters:
payload - the unencrypted data to be signed.
us - a reference to the alias within the keystore to be used for signing

Throws:
AdaptrisSecurityException - for any exception

See Also: Alias, Output, sign(byte[], Alias)