org.aselect.authspserver.crypto
Class CryptoEngine

java.lang.Object
  extended by org.aselect.authspserver.crypto.CryptoEngine

public class CryptoEngine
extends java.lang.Object

The A-Select AuthSP CryptoEngine.

Description:
Its function is to load the default AuthSP signing key and generate/verify signatures.

Concurrency issues:
-

Author:
Alfa & Ariss

Constructor Summary
CryptoEngine(java.lang.String sWorkingDir, AuthSPSystemLogger oAuthSPSystemLogger)
          Constructor for CryptoEngine.
 
Method Summary
 java.lang.String generateSignature(java.lang.String sData)
          Generates a signature of the supplied data.
 java.lang.String getDescription()
          Short description.
 boolean verifyMySignature(java.lang.String sData, java.lang.String sSignature)
          This function verifies a signature generated with our private key.
 boolean verifySignature(java.lang.String sAlias, java.lang.String sData, java.lang.String sSignature)
          Verifies a signature.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CryptoEngine

public CryptoEngine(java.lang.String sWorkingDir,
                    AuthSPSystemLogger oAuthSPSystemLogger)
             throws ASelectException
Constructor for CryptoEngine.

Description:
Loads AuthSP Server keys: private and public. It also loads the public keys of the A-Select Servers that are connected.

Concurrency issues:
-

Preconditions:
- sWorkingDir may not be null
- oAuthSPSystemLogger may not be null and must be initialized


Postconditions:
- Will start if no A-Select Server public keys are found.

Parameters:
sWorkingDir - The directory of the AuthSP Server where the keystores are located.
oAuthSPSystemLogger - The logger that is used for system logging.
Throws:
ASelectException - if the Crypto engine cannot be initialized.
Method Detail

generateSignature

public java.lang.String generateSignature(java.lang.String sData)
                                   throws ASelectException
Generates a signature of the supplied data.

Description:
Generates a signature of the supplied data String by using the AuthSP private key.

Concurrency issues:
-

Preconditions:
- sData may not be null


Postconditions:
- Doesn't throw exceptions, not even when something went wrong.

Parameters:
sData - the data that should be signed
Returns:
The signature of the supplied data as a String, or null when the signature could not be generated.
Throws:
ASelectException - If generating fails.

verifySignature

public boolean verifySignature(java.lang.String sAlias,
                               java.lang.String sData,
                               java.lang.String sSignature)
Verifies a signature.

Description:
Verifies the given signature for the given data with the key that is known by the given alias.

Concurrency issues:
-

Preconditions:
- sAlias may not be null
- sData may not be null
- sSignature may not be null


Postconditions:
- Will also log with Level.FINE if the verification was not successful.

Parameters:
sAlias - the alias that is used to identify the public key that is used for verification
sData - contains the data that is signed
sSignature - the signature that must be verified
Returns:
TRUE if the signature is successfully verified or FALSE if it could not be verified.

getDescription

public java.lang.String getDescription()
Short description.

Returns:
a String representation of this Object.

verifyMySignature

public boolean verifyMySignature(java.lang.String sData,
                                 java.lang.String sSignature)
This function verifies a signature generated with our private key.

Description:
It can be used to verify a signature of a request that is created by the AuthSP Server itself.

Concurrency issues:
-

Preconditions:
- sData may not be null
- sSignature may not be null


Postconditions:
- Will also log with Level.FINE if the verification was not successful.

Parameters:
sData - The data from which the supplied signature is created.
sSignature - The signature of the supplied data.
Returns:
TRUE if the signature is successfully verified or FALSE if it could not be verified.
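
The contract described above for verifySignature and verifyMySignature (select a public key by alias, return false instead of throwing), shown as an added Java example that is not A-Select's own code. The SHA256withRSA algorithm, the Base64 signature encoding, the in-memory key map, the class name, the alias and the sample data are all assumptions or constructed values; the page specifies none of them.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;

public class AliasSignatureDemo {
    // Assumption: the page names neither the algorithm nor the String encoding.
    private static final String ALGORITHM = "SHA256withRSA";
    private final KeyPair own;                                       // this party's signing key
    private final Map<String, PublicKey> trusted = new HashMap<>();  // alias -> peer public key
    AliasSignatureDemo(KeyPair own) { this.own = own; }
    String generateSignature(String data) throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALGORITHM);
        s.initSign(own.getPrivate());
        s.update(data.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(s.sign());
    }
    boolean verifySignature(String alias, String data, String signature) {
        PublicKey key = trusted.get(alias); // unknown alias means no key, so reject
        return key != null && verify(key, data, signature);
    }
    boolean verifyMySignature(String data, String signature) {
        return verify(own.getPublic(), data, signature);
    }
    private static boolean verify(PublicKey key, String data, String signature) {
        try {
            Signature s = Signature.getInstance(ALGORITHM);
            s.initVerify(key);
            s.update(data.getBytes(StandardCharsets.UTF_8));
            return s.verify(Base64.getDecoder().decode(signature));
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false; // malformed or unverifiable input is never accepted
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        AliasSignatureDemo server = new AliasSignatureDemo(g.generateKeyPair());
        AliasSignatureDemo authsp = new AliasSignatureDemo(g.generateKeyPair());
        authsp.trusted.put("server1", server.own.getPublic()); // constructed alias
        String data = "rid=R123&status=ok";                    // constructed sample message
        String sig = server.generateSignature(data);
        System.out.println(authsp.verifySignature("server1", data, sig));       // valid signature
        System.out.println(authsp.verifySignature("server1", data + "x", sig)); // tampered data
        System.out.println(authsp.verifySignature("unknown", data, sig));       // unknown alias
        System.out.println(authsp.verifySignature("server1", data, "%%%"));     // malformed signature
        System.out.println(server.verifyMySignature(data, sig));                // own signature
    }
}
```

Callers should treat a false result from either verify method, or a null from generateSignature, as a hard failure of the request rather than a condition to retry or ignore.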


Copyright © 2008 SURFnet BV. All Rights Reserved.