|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object issrg.security.DefaultVerifier
public class DefaultVerifier
This is the default implementation of a Verifier. It can validate signatures on the given objects. This component doesn't require any user interaction and can be used in interface-less applications (e.g. servers).
This default security supports:
Constructor Summary | |
---|---|
DefaultVerifier()
This constructor initialises the DefaultVerifier. |
Method Summary | |
---|---|
PKCRepository |
getPKCRepository()
gets the repository that will be used to retrieve user's signature verification Public Key Certificates. |
java.security.cert.X509Certificate[] |
getRootCAs()
This method returns the array of PKCs of multiple roots of trust. |
java.security.cert.X509Certificate[] |
getVerificationCertificates(TokenLocator signerName)
Retrieves the valid certificates of the signer. |
void |
setPKCRepository(PKCRepository repository)
Sets the repository that will be used to retrieve user's signature verification Public Key Certificates. |
void |
setRootCA(byte[] pkc)
Sets the root CA by specifying its PKC. |
void |
setRootCA(java.security.cert.X509Certificate pkc)
Sets the root CA by specifying its PKC. |
void |
setRootCAs(byte[][] pkcs)
This method lets you specify multiple Root CAs. |
void |
setRootCAs(java.security.cert.X509Certificate[] pkcs)
This method sets multiple roots of trust by providing their X.509 PKCs. |
boolean |
verify(byte[] data,
byte[] signature,
java.lang.String algorithmID,
java.security.cert.X509Certificate[] certs)
This method verifies a signature on the data. |
boolean |
verifyByRoot(byte[] data,
byte[] signature,
java.lang.String algorithmID)
This method checks if the given data was signed by any of the Root CAs. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public DefaultVerifier() throws SecurityException
SecurityException,
- if there were no CertificateFactories found for
"X.509" certificates in this instance of JVM
SecurityException
Method Detail |
---|
public void setRootCA(byte[] pkc) throws SecurityException
pkc
- is the BER encoded X.509 PKC of the root CA
SecurityException
public void setRootCA(java.security.cert.X509Certificate pkc)
pkc
- is the X.509 PKC of the root CApublic void setRootCAs(java.security.cert.X509Certificate[] pkcs)
pkcs
- - the Public Key Certificates of the CAspublic java.security.cert.X509Certificate[] getRootCAs()
getRootCAs
in interface Verifier
public void setRootCAs(byte[][] pkcs) throws SecurityException
pkcs
- - an array of BER-encoded X.509 PKCs
SecurityException
public void setPKCRepository(PKCRepository repository)
repository
- - the PKCRepository that can return the PKCs for a
given principalpublic PKCRepository getPKCRepository()
getPKCRepository
in interface Verifier
public java.security.cert.X509Certificate[] getVerificationCertificates(TokenLocator signerName) throws SecurityException
Certification path validation will be added later.
getVerificationCertificates
in interface Verifier
signerName
- is the name of the signer's LDAP entry
SecurityException
- if there were errors during processing the
requestpublic boolean verify(byte[] data, byte[] signature, java.lang.String algorithmID, java.security.cert.X509Certificate[] certs) throws SecurityException
verify
in interface Verifier
data
- is the to-be-signed arraysignature
- is the signature of that arraycerts
- is the array of X.509 PKCs, but only the first one is used in
this implementation
SecurityException,
- if there were errors during processing the
request
SecurityException
- if a definite decision cannot be derivedpublic boolean verifyByRoot(byte[] data, byte[] signature, java.lang.String algorithmID)
data
- - the to-be-signed byte arraysignature
- - the matching signaturealgorithmID
- - the signature algorithm identifier
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |