Interface semper.certificate.RCModuleInterface

public interface RCModuleInterface
extends Object
This is the interface that all RCModules should implement in order to provide registration, issuing and general handling of certificates via SEMPER.

Method Index

 o computeDN(Template)
Computes a DN for the user based on the information in the Template.
 o generateCAkeys()
Generate the CA's keypair.
 o getNewSerialNumber()
Returns a new (unused) serial number to be used in registrations and certificates.
 o getRegistrationStatus(String, long)
Returns the status of the registration.
 o initRCmodule(String)
This function initialises the module.
 o issueCertificate(Registration, CryptoKeyInfo, int, int, Date, Date, int)
Issue new Certificate.
 o makeRegistration(Template)
Register information about a user based on the information in a Template.
 o retrieveCApkey(String)
Retrieve this CA's public key so that the CA can send it to the Certificate Manager on the client side, which stores it so that the RCModule there can use it when verifying certificates issued by this CA.
 o storeCApkey(CryptoKeyInfo, String)
Store the public key of the CA.
 o verifyCertificate(Certificate)
Verify a Certificate's correctness.

Methods

 o initRCmodule
  public abstract void initRCmodule(String myDN) throws CertificateException
This function initialises the module. It is called when the manager is initialised.
Parameters:
myDN - is the distinguished name of the CA.
Throws: CertificateException
if the module for some reason could not be initialised
 o getNewSerialNumber
  public abstract long getNewSerialNumber() throws CertificateException
Returns a new (unused) serial number to be used in registrations and certificates. In the manager this serial number will be used to identify templates (registration forms), registrations and certificates.
Returns:
A new serial number
Throws: CertificateException
if no new serial number could be generated
 o computeDN
  public abstract String computeDN(Template templ) throws CertificateException
Computes a DN for the user based on the information in the Template. This distinguished name must be used in the registration and certificate later on, as the manager needs this name.
Parameters:
templ - is a filled out template
Returns:
a string containing a DN for the user
Throws: CertificateException
if the DN could not be computed
 o verifyCertificate
  public abstract boolean verifyCertificate(Certificate cert) throws CertificateException
Verify a Certificate's correctness. The implementation should at least verify that the Certificate's signature is correct. The Certificate Manager will check whether the Certificate is of the correct type, not outdated, etc.
Parameters:
cert - the Certificate that is to be checked.
Returns:
true if the Certificate is signed correctly; false if the signature doesn't match the input.
Throws: CertificateException
if the verification could not be carried out
 o issueCertificate
  public abstract Certificate issueCertificate(Registration reg,
                                               CryptoKeyInfo userPubKey,
                                               int scope,
                                               int type,
                                               Date validStart,
                                               Date validEnd,
                                               int state) throws CertificateException
Issue a new Certificate. The RCModule should compute the signature and produce a new Certificate containing all the data provided (if at all possible) plus the signature plus the serial number.
Parameters:
reg - is the registration which is the basis of the certificate
userPubKey - the public key certified for this user by the certificate
scope - the public key's scope (or application)
type - the certificate type
validStart - start of the validity period
validEnd - end of the validity period
state - status of the certificate
CASkey - the CA's secret key with which to sign the Certificate
Returns:
the newly issued Certificate, containing the data issueCertificate was called with plus SerialNo and signature. hashID and signatureID of the newly created Certificate should be set according to the information available in the CA's public key. (They are there so that a CA key can be used even when only its key value is known and its hash algorithm and signature-generation method possibly are not.)
Throws: CertificateException
if no serial number was available or if something else went wrong during issuing
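The contract that issueCertificate and verifyCertificate describe (the CA signs the certificate data plus serial number, the client checks that signature against the stored CA public key), as an added example that is not SEMPER code. DemoRCModule and DemoCert are hypothetical stand-ins built on the JDK's java.security classes, and RSA with SHA-256 is an assumed algorithm; the verifier takes the algorithm from what it pinned with the CA key and rejects a certificate whose signatureID disagrees.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
// Added illustration: DemoRCModule and DemoCert are hypothetical stand-ins,
// not SEMPER's RCModule, Certificate or CryptoKeyInfo classes.
public class DemoRCModule {
    static final String ALG = "SHA256withRSA"; // assumed; pinned together with the CA key
    record DemoCert(long serialNo, String dn, byte[] userPubKey, Date validStart,
                    Date validEnd, String signatureID, byte[] signature) {
        byte[] toBeSigned() { // every field except the signature itself
            String s = serialNo + "|" + dn.length() + ":" + dn + "|"
                    + Base64.getEncoder().encodeToString(userPubKey) + "|"
                    + validStart.getTime() + "|" + validEnd.getTime() + "|" + signatureID;
            return s.getBytes(StandardCharsets.UTF_8);
        }
    }
    private final KeyPair caKeys;   // role of generateCAkeys()
    private long nextSerial = 1;    // role of getNewSerialNumber()

    DemoRCModule() throws GeneralSecurityException {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        caKeys = g.generateKeyPair();
    }
    PublicKey caPublicKey() { return caKeys.getPublic(); } // role of retrieveCApkey()

    DemoCert issue(String dn, byte[] pub, Date start, Date end) throws GeneralSecurityException {
        DemoCert tbs = new DemoCert(nextSerial++, dn, pub, start, end, ALG, null);
        Signature s = Signature.getInstance(ALG);
        s.initSign(caKeys.getPrivate());
        s.update(tbs.toBeSigned());
        return new DemoCert(tbs.serialNo(), dn, pub, start, end, ALG, s.sign());
    }

    // Signature check only; type and validity-period checks stay with the caller.
    static boolean verify(DemoCert c, PublicKey caKey) throws GeneralSecurityException {
        if (!ALG.equals(c.signatureID())) return false; // the cert must not pick the algorithm
        Signature s = Signature.getInstance(ALG);
        s.initVerify(caKey);
        s.update(c.toBeSigned());
        return s.verify(c.signature());
    }

    public static void main(String[] args) throws Exception {
        DemoRCModule ca = new DemoRCModule();
        Date from = new Date(), to = new Date(from.getTime() + 86_400_000L);
        DemoCert cert = ca.issue("CN=alice (constructed)", new byte[] {1, 2, 3}, from, to);
        DemoCert forged = new DemoCert(cert.serialNo(), "CN=mallory (constructed)",
                cert.userPubKey(), from, to, ALG, cert.signature());
        System.out.println(verify(cert, ca.caPublicKey()) + " " + verify(forged, ca.caPublicKey()));
    }
}
```

The forged copy reuses a valid signature under a different DN and fails verification, because the DN is part of the signed bytes.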
 o generateCAkeys
  public abstract void generateCAkeys() throws CertificateException
Generate the CA's keypair. This has to be used instead of the general CryptoMan.generatePublicKey() method, as the RCModule might use another way of generating public keys than the CryptoMan Module does. If the CA already has a key pair, this method may be implemented by just recovering that key pair. It should be possible to put the public key part into a CryptoKeyInfo object, using the caName, so that the RCModule on the client side can retrieve it (after storing it) and use that public key when verifying a certificate.
Throws: CertificateException
if an error occurred during key generation or storage of the key
 o retrieveCApkey
  public abstract CryptoKeyInfo retrieveCApkey(String caName) throws CertificateException
Retrieve this CA's public key so that the CA can send it to the Certificate Manager on the client side, which stores it so that the RCModule there can use it when verifying certificates issued by this CA.
Parameters:
caName - is the name of the CA whose public key should be retrieved
Returns:
the CA's public key.
Throws: CertificateException
if the key could not be retrieved (from storage)
 o storeCApkey
  public abstract void storeCApkey(CryptoKeyInfo pkey,
                                   String CAname) throws CertificateException
Store the public key of the CA. This service is used by clients for storing public keys received from CAs.
Parameters:
pkey - the public key to be stored
CAname - is the distinguished name of the CA
Throws: CertificateException
if the key could not be stored
 o getRegistrationStatus
  public abstract String getRegistrationStatus(String name,
                                               long serialNo) throws CertificateException
Returns the status of the registration. Currently the registration may be in the following states (encoded by the given integer constants): the registration process is started but not resolved yet (REGISTRATION_STILL_IN_PROGRESS), the registration has either been cancelled or has never been initiated (REGISTRATION_CANCELLED), or the registration is finished and can be retrieved (REGISTRATION_FINALIZED).
Parameters:
name - is a string identifying the user in the registration process
serialNo - is the serial number of the template/registration for which the status must be computed
Returns:
a String describing the status of the registration
Throws: CertificateException
if the status could not be computed
 o makeRegistration
  public abstract Registration makeRegistration(Template templ) throws CertificateException
Register information about a user based on the information in a Template.
Parameters:
templ - is a filled out template
Returns:
a Registration corresponding to the information registered about the user
Throws: CertificateException
if the registration could not be made based on the given template
