Package com.bfo.netkeystore.client
Interface Server
public interface Server
A Server represents a network-based signature provider. The configuration for a
NetProvider will
generally define one or more Servers, and more may be found via Zeroconf-
Method Summary
Modifier and TypeMethodDescriptionvoidcanSign(com.bfo.netkeystore.client.NetPrivateKey key, SignatureAlgorithm algorithm) Given a signature algorithm, return the hash algorithm that should be used to generate the digest for the signature for the specified key, or (if the key is null) if any key owned by this server could support that algorithm.voidConfigure the servergetSignatureAlgorithm(String name) Return the SignatureAlgorithm corresponding to the specified name, or null if none existsvoidload()Load the keystore from the Core with keysvoidlogin(Subject subject, KeyStore.ProtectionParameter prot) Login to the server.voidlogout()Log out of the server.booleanshutdown(boolean auto) Shut down the server and prepare it for removal from the KeyStore.byte[]sign(com.bfo.netkeystore.client.NetPrivateKey key, SignatureAlgorithm algorithm, AlgorithmParameters params, byte[] data) This calls "credentials/authorize" then "signature/hash"
-
Method Details
-
configure
Configure the server- Parameters:
name- the server nameconfig- the configurationauto- if true, the server has been auto-configured from Zeroconf- Throws:
Exception- if the server failed to configure
-
login
Login to the server. Called fromAuthProvider.login(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler), or the first time a key is requested from its keystore- Parameters:
subject- the subject, or nullprot- the ProtectionParameter used to load the keystore- Throws:
IOException- for IOException
-
logout
Log out of the server. Called fromAuthProvider.logout()- Throws:
IOException- for IOException
-
shutdown
Shut down the server and prepare it for removal from the KeyStore. Only currently used for Zeroconf-originating servers when they go offline- Parameters:
auto- if true, shut the server down only if it was configured with auto=true- Returns:
- true if the server was shutdown, false if the request was ignored.
- Throws:
IOException- for IOException
-
getSignatureAlgorithm
Return the SignatureAlgorithm corresponding to the specified name, or null if none exists- Parameters:
name- the signature name, eg "SHA256withRSA"- Returns:
- the SignatureAlgorithm
-
load
Load the keystore from the Core with keys- Throws:
IOException- for IOException
-
sign
byte[] sign(com.bfo.netkeystore.client.NetPrivateKey key, SignatureAlgorithm algorithm, AlgorithmParameters params, byte[] data) throws UnrecoverableKeyException, IOException This calls "credentials/authorize" then "signature/hash"- Parameters:
key- the signing keyalgorithm- the signature algorithmparams- the signature algorithm params (normally null)data- the digest to sign- Returns:
- the signature bytes
- Throws:
IOException- for IOExceptionUnrecoverableKeyException- if the key can't be unlocked
-
canSign
void canSign(com.bfo.netkeystore.client.NetPrivateKey key, SignatureAlgorithm algorithm) throws InvalidKeyException Given a signature algorithm, return the hash algorithm that should be used to generate the digest for the signature for the specified key, or (if the key is null) if any key owned by this server could support that algorithm.- Parameters:
key- the key that will be used for the signature, or null to check if any key supported by this Server supports the algorithmalgorithm- the signature algorithm as requested by the client- Throws:
InvalidKeyException- if the key cannot be used
-