issrg.security
Class PKCS12Security

java.lang.Object
  extended by issrg.security.DefaultVerifier
      extended by issrg.security.DefaultSecurity
          extended by issrg.security.PKCS12Security
All Implemented Interfaces:
SessionOriented, Signer, Verifier, javax.security.auth.spi.LoginModule

public class PKCS12Security
extends DefaultSecurity

This class implements a security module that uses a PKCS#12 file to authenticate the user and obtain the signing and signature verification keys. The user interaction is inherited from DefaultSecurity. Only two methods are overridden: the key method that logs the user in using a known PKCS#12 file name, and the method that constructs a FilenameCallback.


Field Summary
static java.lang.String[] exts
           
static java.lang.String PFX_EXTENSION
           
static java.lang.String PKC_EXTENSION
           
 
Fields inherited from class issrg.security.DefaultSecurity
ch, DEFAULT_FILE, DEFAULT_FILE_STRING, DIGEST_ALGORITHM, digestAlgorithm, DSA_ALGORITHMS, KEY_ALGORITHMS, LAST_FILE_STRING, MD2_WITH_RSA_ALGORITHM, MD4_WITH_RSA_ALGORITHM, MD5_WITH_RSA_ALGORITHM, options, PASSWORD_SHARES_INTEGER, PASSWORD_SHARES_STRING, PASSWORD_STORED, PASSWORDS, PROMPT_STRING, RSA_ALGORITHMS, SHA1_WITH_DSA_ALGORITHM, SHA1_WITH_RSA_ALGORITHM, sharedState, subj, TITLE_STRING
 
Constructor Summary
PKCS12Security()
           
 
Method Summary
 FilenameCallback getFilenameCallback(java.lang.String defaultFile)
          This method constructs a FilenameCallback that will filter out all but PKCS#12 files with the extensions PKC_EXTENSION (".p12") and PFX_EXTENSION (".pfx").
 void login(java.lang.String pkcFile, char[] password)
          The method for logging the user in without a GUI.
 
Methods inherited from class issrg.security.DefaultSecurity
abort, commit, getDigestAlgorithm, getPrivateKey, getSignature, getSigningAlgorithmID, getVerificationCertificate, initialize, isLoggedIn, login, login, logout, setDigestAlgorithm, setPrivateKey, setSignature, sign
 
Methods inherited from class issrg.security.DefaultVerifier
getPKCRepository, getRootCAs, getVerificationCertificates, setPKCRepository, setRootCA, setRootCA, setRootCAs, setRootCAs, verify, verifyByRoot
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

PKC_EXTENSION

public static final java.lang.String PKC_EXTENSION
See Also:
Constant Field Values

PFX_EXTENSION

public static final java.lang.String PFX_EXTENSION
See Also:
Constant Field Values

exts

public static final java.lang.String[] exts
Constructor Detail

PKCS12Security

public PKCS12Security()
               throws SecurityException
Throws:
SecurityException
Method Detail

login

public void login(java.lang.String pkcFile,
                  char[] password)
           throws SecurityException
The method for logging the user in without a GUI. The method attempts to decrypt the private key, then signs and verifies a signature on an arbitrary byte array to ensure that the private key and the PKC match. Note that for signing purposes it is necessary to know the DN of the signer, which is not included in the private key.

After logging the user in, the Root CAs are set to the collection of PKCs in the PKCS#12 file, including the user's signature verification PKC. The first PKC to match the signing key is used as the user's signature verification key.

Specified by:
login in class DefaultSecurity
Parameters:
pkcFile - is the filename of the PKCS#12 construct
password - is the password for decrypting the PKCS#12 file
Throws:
SecurityException
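
The key-match check that login describes, as an added example built on the standard java.security API (it is not the issrg.security source): it loads the PKCS#12 file named by the first argument and prints the subject DN of the first certificate whose public key verifies a probe signature made with the private key. The class name Pkcs12KeyMatch, the helper matches and the SHA-256 signature algorithms are assumptions.

```java
import java.io.FileInputStream;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.*;
// Added illustration using only java.security; not the issrg.security implementation.
public class Pkcs12KeyMatch {
    // Hypothetical helper: true if pub verifies a signature made with priv.
    static boolean matches(PrivateKey priv, PublicKey pub) {
        // Assumed algorithm choice (RSA, DSA or EC keys); other key types report no match.
        String kind = priv.getAlgorithm().equals("EC") ? "ECDSA" : priv.getAlgorithm();
        byte[] probe = {0x50, 0x4b, 0x43, 0x53}; // arbitrary bytes to sign
        try {
            Signature s = Signature.getInstance("SHA256with" + kind);
            s.initSign(priv);
            s.update(probe);
            byte[] sig = s.sign();
            s.initVerify(pub);
            s.update(probe);
            return s.verify(sig);
        } catch (GeneralSecurityException e) {
            return false; // different key type or unverifiable signature
        }
    }

    public static void main(String[] args) throws Exception {
        char[] password = System.console().readPassword("PKCS#12 password: ");
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (FileInputStream in = new FileInputStream(args[0])) { // path supplied by the reader
            ks.load(in, password); // a wrong password surfaces as IOException
        }
        PrivateKey priv = null;
        List<Certificate> certs = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            Key k = ks.getKey(alias, password); // null for certificate-only entries
            if (priv == null && k instanceof PrivateKey) priv = (PrivateKey) k;
            Certificate[] chain = ks.getCertificateChain(alias);
            if (chain != null) certs.addAll(Arrays.asList(chain));
            else if (ks.getCertificate(alias) != null) certs.add(ks.getCertificate(alias));
        }
        Arrays.fill(password, '\0'); // do not keep the password in memory
        if (priv == null) throw new KeyStoreException("no private key entry");
        for (Certificate c : certs) {
            if (!matches(priv, c.getPublicKey())) continue;
            System.out.println(((X509Certificate) c).getSubjectX500Principal()); // signer DN
            return;
        }
        throw new KeyStoreException("no certificate matches the private key");
    }
}
```

Because login then sets every PKC in the file as a Root CA, the PKCS#12 file itself should come from a source trusted to name trust anchors.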

getFilenameCallback

public FilenameCallback getFilenameCallback(java.lang.String defaultFile)
This method constructs a FilenameCallback that will filter out all but PKCS#12 files with the extensions PKC_EXTENSION (".p12") and PFX_EXTENSION (".pfx").

Specified by:
getFilenameCallback in class DefaultSecurity
Parameters:
defaultFile - the default file to use if the user doesn't make any selection
Returns:
FilenameCallback configured to display PKCS#12 files only