be.SIRAPRISE.util

Interface Signer

All Known Implementing Classes:

ClientSideOperatorImplementationsManagerSigner, ClientSideTypeImplementationsManagerSigner, DBObjectGenerator, DBObjectInterfaceGenerator, ProcessScript, UserPrivateKeyProvider

public interface Signer

Signers are used by clients in two circumstances :

• The client needs to establish a connection to a server and wants to authenticate itself
• The client needs to start a transaction for a non-anonymous user and wants/needs to authenticate the user identity by computing a signature

Author:

Erwin Smout

Method Summary

Modifier and Type	Method and Description
byte[]	decryptSecret(java.security.Signature signature, java.lang.String cipherInfoCipherName, byte[] encryptedSecret) Decrypts an encrypted secret, encryption of which was done using the public key corresponding to the private key we also use to sign messages with
byte[]	sign(java.security.Signature signature, byte[] signMessage) Computes the signature for the given byte string and the given Signature.

Method Detail

sign

byte[] sign(java.security.Signature signature,
            byte[] signMessage)
     throws java.security.InvalidKeyException,
            java.security.SignatureException,
            NotFoundException

Computes the signature for the given byte string and the given Signature. Normally, this involves three method invocations on the given Signature object :

• initSign() the Signature with a PrivateKey object which is to be obtained from private resources
• update() the Signature with the given byte string
• sign() to compute the signature bytes

Parameters:

signature - The Signature object to be used for computing the signature.

signMessage - The message to be signed.

Returns:

the computed signature

Throws:

java.security.InvalidKeyException - If the private key found for signing with this Signature, turns out to be invalid

java.security.SignatureException - If any problem occurred during computation of the signature

NotFoundException - If no private key could be found for signing with this Signature

decryptSecret

byte[] decryptSecret(java.security.Signature signature,
                     java.lang.String cipherInfoCipherName,
                     byte[] encryptedSecret)
              throws java.security.InvalidKeyException,
                     java.security.NoSuchAlgorithmException,
                     javax.crypto.NoSuchPaddingException,
                     NotFoundException,
                     javax.crypto.IllegalBlockSizeException,
                     javax.crypto.BadPaddingException

Decrypts an encrypted secret, encryption of which was done using the public key corresponding to the private key we also use to sign messages with

Parameters:

signature - The Signature object to be used for computing the signature.

cipherInfoCipherName - The name of the Cipher used to encrypt the secret

encryptedSecret - A secret to be shared between [the user of] this signer and a party we are communicating with, and who generated the secret, encrypting it with our public key.

Returns:

The decrypted secret

Throws:

NotFoundException - If the private key to be used for the decryption could not be found

javax.crypto.NoSuchPaddingException - If the cipherInfoCipherName does not indicate a usable Cipher name

java.security.NoSuchAlgorithmException - If the cipherInfoCipherName does not indicate a usable Cipher name

java.security.InvalidKeyException - If the public key in the given certificate is inappropriate for initializing this cipher, or this cipher requires algorithm parameters that cannot be determined from the public key in the given certificate, or the keysize of the public key in the given certificate has a keysize that exceeds the maximum allowable keysize (as determined by the configured jurisdiction policy files).

javax.crypto.BadPaddingException - If this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes

javax.crypto.IllegalBlockSizeException - If cipherInfoCipherName indicates a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.