com.prosysopc.ua

Class SecureIdentity

java.lang.Object

com.prosysopc.ua.SecureIdentity

Direct Known Subclasses:

ApplicationIdentity, UserIdentity

public class SecureIdentity
extends Object

Field Summary

Fields

Modifier and Type	Field and Description
protected Cert	certificate
protected PrivKey	privateKey

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	SecureIdentity()
	SecureIdentity(Cert certificate, PrivKey privateKey) Create a new identity
	SecureIdentity(File certificateFile, File privateKeyFile, String privateKeyPassword) Create a new identity by loading the certificate and private key from files.
	SecureIdentity(File storeLocation, String alias, String privateKeyPassword, String keyStorePassword, String keyStoreType) Creates a new SecureIdentity object from a pfx-keystore file.
	SecureIdentity(URL certificateFile, URL privateKeyFile, String privateKeyPassword) Create a new identity by loading the certificate and private key from files.

Method Summary

Modifier and Type	Method and Description
protected byte[]	decrypt(SecurityAlgorithm algorithm, byte[] dataToDecrypt, PrivKey privKey) Decrypt data using the provided securityPolicy.
byte[]	decrypt(SecurityPolicy securityPolicy, byte[] dataToDecrypt) Decrypt data using the provided securityPolicy.
byte[]	encrypt(SecurityPolicy securityPolicy, byte[] dataToEncrypt) Encrypt data using the provided securityPolicy.
boolean	equals(Object obj)
Cert	getCertificate()
KeyPair	getKeys()
PrivKey	getPrivateKey()
int	hashCode()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Field Detail

certificate

protected Cert certificate

privateKey

protected final PrivKey privateKey

Constructor Detail

SecureIdentity

public SecureIdentity(Cert certificate,
                      PrivKey privateKey)

Create a new identity

Parameters:

certificate - The public key certificate

privateKey - The private key (optional)

SecureIdentity

public SecureIdentity(File certificateFile,
                      File privateKeyFile,
                      String privateKeyPassword)
               throws IOException,
                      SecureIdentityException

Create a new identity by loading the certificate and private key from files.

Parameters:

certificateFile - The certificate file.

privateKeyFile - The private key file.

privateKeyPassword - The password protecting the private key.

Throws:

IOException - If the files are not valid.

SecureIdentityException - if the certificate or private key file is not valid

SecureIdentity

public SecureIdentity(File storeLocation,
                      String alias,
                      String privateKeyPassword,
                      String keyStorePassword,
                      String keyStoreType)
               throws IOException,
                      SecureIdentityException

Creates a new SecureIdentity object from a pfx-keystore file.

Parameters:

storeLocation - location of the pfx-file

alias - string alias of the key pair, if null or not found in specified pfx-file, last entry is used

privateKeyPassword - password of the private key

keyStorePassword - password of the keystore

keyStoreType - type of the key store, "JKS" and "PKCS12" supported

Throws:

KeyStoreException - if the keystore has not been initialized (loaded)

NoSuchProviderException - if the specified provider (Bouncy Castle) is not registered in the security provider list

NoSuchAlgorithmException - if the algorithm used to check the integrity of the keystore cannot be found

CertificateException - if any of the certificates in the keystore could not be loaded

IOException

UnrecoverableKeyException - if a key in the keystore cannot be recovered

SecureIdentityException

SecureIdentity

public SecureIdentity(URL certificateFile,
                      URL privateKeyFile,
                      String privateKeyPassword)
               throws IOException,
                      SecureIdentityException

Create a new identity by loading the certificate and private key from files.

Parameters:

certificateFile - The certificate file.

privateKeyFile - The private key file.

privateKeyPassword - The password protecting the private key.

Throws:

IOException - If the files are not valid.

SecureIdentityException - if the certificate or private key file is not valid

SecureIdentity

protected SecureIdentity()

Method Detail

decrypt

public byte[] decrypt(SecurityPolicy securityPolicy,
                      byte[] dataToDecrypt)
               throws SecureIdentityException

Decrypt data using the provided securityPolicy. The PrivateKey is used to decrypt, according to the specified policy.

Parameters:

securityPolicy - the security policy to use for the encryption.

dataToDecrypt - data to decrypt

Returns:

the decrypted data

Throws:

SecureIdentityException - if the decryption fails

encrypt

public byte[] encrypt(SecurityPolicy securityPolicy,
                      byte[] dataToEncrypt)
               throws SecureIdentityException

Encrypt data using the provided securityPolicy. The Certificate is used to encrypt, according to the specified policy.

Parameters:

securityPolicy - the security policy to use for the encryption.

dataToEncrypt - data to encrypt

Returns:

the encrypted data

Throws:

SecureIdentityException - if the encryption fails

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

getCertificate

public Cert getCertificate()

getKeys

public KeyPair getKeys()

getPrivateKey

public PrivKey getPrivateKey()

hashCode

public int hashCode()

Overrides:

hashCode in class Object

decrypt

protected byte[] decrypt(SecurityAlgorithm algorithm,
                         byte[] dataToDecrypt,
                         PrivKey privKey)
                  throws SecureIdentityException

Decrypt data using the provided securityPolicy. The PrivateKey is used to decrypt, according to the specified policy.

Parameters:

algorithm - the security policy to use for the encryption.

dataToDecrypt - data to decrypt

privKey - the private key to use

Returns:

the decrypted data

Throws:

SecureIdentityException - if the decryption fails