Interface semper.certificate.RCModuleInterface
All Packages  Class Hierarchy  This Package  Previous  Next  Index

Interface semper.certificate.RCModuleInterface

public interface RCModuleInterface
extends Object

Method Index

 o fillinTemplate(Template, CryptoKeyInfo)
Fill in the template given by the Certification Manager and return the filled-out template.
 o generateCAkeys(String)
Generate the CA's public,secret-keypair.
 o issueCertificate(String, String, CryptoKeyInfo, int, int, Date, Date, int)
Issue new Certificate.
 o retrieveCApkey(String)
Retrieve this CA's public key so that I (the CA) can send it to the Certificate Manager on the Client side, so that it can store it and that RCModule can use it when verifying Certificates issued by me.
 o storeCApkey(CryptoKeyInfo, String)
Store the public key of the CA, transferred before and having set its own name in a way so that it can be used to store the key by this routine under a name, that can be found by the verifyCertificate call.
 o verifyCertificate(Certificate)
Verify Certificates correctness.

Methods

 o fillinTemplate
  public abstract Template fillinTemplate(Template templ,
                                          CryptoKeyInfo pkey)
Fill in the template given by the Certification Manager and return the filled-out template.
Parameters:
: - Template to be filled.
: - The beforehand generated PublicKey (CryptoKeyInfo) that the user wants to use. A fingerprint hereof might be displayed in Tinguin to be sent via a secure Channel to RA, so that RA can use this fingerprint to check the Public Key written down in the filled-in template against this fingerprint. Signature function (RSA,DSA...) and hash function might also be extracted from the CryptoKeyInfo and displayed in Tinguin.
Returns:
s: Filled Template.
 o verifyCertificate
  public abstract boolean verifyCertificate(Certificate cert) throws CertificateException
Verify Certificates correctness. Should verify, whether Certificates Signature is correct. The Certificate Manager will check whether Certificate is of correct type, not outdated, etc.
Parameters:
: - Certificate cert that is to be checked.
Returns:
s: true if Certificate is signed correctly false if Signature doesn't match input.
 o issueCertificate
  public abstract Certificate issueCertificate(String ca,
                                               String user,
                                               CryptoKeyInfo userPubKey,
                                               int scope,
                                               int type,
                                               Date validStart,
                                               Date validEnd,
                                               int state) throws CertificateException
Issue new Certificate. RCModule should find a new serialNo, which can be used by the new Certificate. Then it should compute signature and produce a new Certificate containing all the data provided (if at all possible) plus signature plus serial Number.
Parameters:
ca - = Distinguished name of Certification Authority issuing this certificate
user - = Distinguished name of User to which certificate belongs.
pubKey - = The public key certified for this User by certificate.
scope - = Public keys scope (or application)
type - = Certificate Type
validStart - = Start of validity period
validEnd - = End of validity period
state - = status of the certificate
CASkey - = CA's Secret Key with which to sign Certificate.
Returns:
s newly issued Certificate containing the data issueCertificate was called with plus SerialNo and signature hashID and signatureID of the newly created Certificate should be set according to the info available in CA's public Key. (They are to be used in order to use a CA key of which possibly hash algorithm and signature generating method aren't known, but only the keyvalue.)
Throws: CertificateException
If there were no serialno more or if something else bad happened during the issuing.
 o generateCAkeys
  public abstract void generateCAkeys(String caName) throws CertificateException
Generate the CA's public,secret-keypair. This has to be used instead of the general CryptoMan.generatePublicKey() method, as the RCModule might (and in SecuDE's case *does*) use another way of generating public keys than the CryptoMan Module does. It should be possible to put this keypairs public part into a CryptoKeyInfo object, using the caName in a way, so that the RCModule on the client side can retrieve it (after storing it) and use that public key when verifying a certificate.
Parameters:
caName: - name of the ca for which I want to generate the keypair.
 o retrieveCApkey
  public abstract CryptoKeyInfo retrieveCApkey(String caName) throws CertificateException
Retrieve this CA's public key so that I (the CA) can send it to the Certificate Manager on the Client side, so that it can store it and that RCModule can use it when verifying Certificates issued by me.
Parameters:
CAname: - name of the CA (I).
Returns:
s my (the CA's) public key.
 o storeCApkey
  public abstract void storeCApkey(CryptoKeyInfo pkey,
                                   String CAname) throws CertificateException
Store the public key of the CA, transferred before and having set its own name in a way so that it can be used to store the key by this routine under a name, that can be found by the verifyCertificate call.
Parameters:
pkey: - the public key to be stored

All Packages  Class Hierarchy  This Package  Previous  Next  Index