Package com.axway.ats.action.security

Class SMimePackageEncryptor

java.lang.Object

com.axway.ats.action.security.SMimePackageEncryptor

All Implemented Interfaces:

PackageEncryptor

public class SMimePackageEncryptor
extends Object
implements PackageEncryptor

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SMimePackageEncryptor.Cipher
static class	SMimePackageEncryptor.SignatureAlgorithm

Field Summary

Fields

Modifier and Type	Field	Description
static String	CONTENT_TYPE_MULTIPART_SIGNED
static String	JKS_KEYSTORE_TYPE
static String	PKCS12_KEYSTORE_TYPE

Constructor Summary

Constructors

Constructor	Description
SMimePackageEncryptor(String location, String password)	Create new instance for work with S/MIME mails using specified key store.
SMimePackageEncryptor(String location, String password, String aliasOrCN)	Create new instance for work with S/MIME mails using specified key store and alias
SMimePackageEncryptor(List<String> locations, List<String> passwords, List<String> aliasOrCNs)	Create new instance for work with S/MIME mails using specified key stores and aliases.

Method Summary

Modifier and Type	Method	Description
boolean	checkSignature(Package sourcePackage)	Verifies the signature of a package with the public key specified in the implementation constructor
static boolean	checkSignatureWithEmbeddedPublicKey(Package sourcePackage)
Package	decrypt(Package sourcePackage)	Decrypts a message (like MimePackage) using the arguments provided in PackageEncryptor implementation constructor
Package	encrypt(Package source)	Encrypts the given package (like MimePackage) using the arguments provided in PackageEncryptor implementation constructor
String[]	getKeystoreAliases(String keystoreType)	Get all aliases in a keystore with specified type
void	setEncryptionCipher(String cipher)	Set cipher ID to be used for encryption algorithm Use member class SMimePackageEncryptor.Cipher for common values.
void	setSignatureAlgorithm(String signatureAlgorithm)
Package	sign(Package sourcePackage)	Signs a Package.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CONTENT_TYPE_MULTIPART_SIGNED

public static final String CONTENT_TYPE_MULTIPART_SIGNED

See Also:

Constant Field Values

JKS_KEYSTORE_TYPE

public static final String JKS_KEYSTORE_TYPE

See Also:

Constant Field Values

PKCS12_KEYSTORE_TYPE

public static final String PKCS12_KEYSTORE_TYPE

See Also:

Constant Field Values

Constructor Detail

SMimePackageEncryptor

public SMimePackageEncryptor(String location,
                             String password,
                             String aliasOrCN)

Create new instance for work with S/MIME mails using specified key store and alias

Parameters:

location - the location (path and filename) of the file containing the keystore/certificate (chain)

password - the password to access the given keystore or 'null' if there is no password

aliasOrCN - the key pair alias or a CN (Common Name) if there is no private key

SMimePackageEncryptor

public SMimePackageEncryptor(String location,
                             String password)

Create new instance for work with S/MIME mails using specified key store.
This constructor is used when the key alias is not known and all the keys in the keystore will be tried for decryption and checking the signature. For the methods which require key alias, like encryption and signing, exception will be thrown

Parameters:

location - the location (path and filename) of the file containing the keystore

password - the password to access the given keystore

SMimePackageEncryptor

public SMimePackageEncryptor(List<String> locations,
                             List<String> passwords,
                             List<String> aliasOrCNs)
                      throws ActionException

Create new instance for work with S/MIME mails using specified key stores and aliases.
This constructor should be used when sending a mail to more than one recipient. A list of certificates is passed, so the symmetric key(used to encrypt the mail) will be encrypted many times(once per certificate). This way each recipient will be able to decrypt the mail using his own certificate.

Parameters:

locations - the locations (path and filename) of the files containing the keystore/certificate (chain)

passwords - the passwords to access the given keystores or 'null' if there is no password

aliasOrCNs - the key pair aliases or CNs (Common Name) if there is no private key

Throws:

ActionException

Method Detail

setEncryptionCipher

public void setEncryptionCipher(String cipher)

Set cipher ID to be used for encryption algorithm Use member class SMimePackageEncryptor.Cipher for common values. Current default is AES_128_CBC

Parameters:

cipher - Example SMimePackageEncryptor.Cipher.AES128_CBC

encrypt

public Package encrypt(Package source)
                throws ActionException

Description copied from interface: PackageEncryptor

Encrypts the given package (like MimePackage) using the arguments provided in PackageEncryptor implementation constructor

Specified by:

encrypt in interface PackageEncryptor

Parameters:

source - the package to encrypt

Returns:

the encrypted Package

Throws:

ActionException - in case an encryption error occurs

decrypt

public Package decrypt(Package sourcePackage)
                throws ActionException

Description copied from interface: PackageEncryptor

Decrypts a message (like MimePackage) using the arguments provided in PackageEncryptor implementation constructor

Specified by:

decrypt in interface PackageEncryptor

Parameters:

sourcePackage - the package to decrypt

Returns:

the decrypted Package

Throws:

ActionException - in case an decryption error occurs

sign

public Package sign(Package sourcePackage)
             throws ActionException

Description copied from interface: PackageEncryptor

Signs a Package.

Specified by:

sign in interface PackageEncryptor

Parameters:

sourcePackage - the package to sign

Returns:

the new signed Package

Throws:

ActionException - in case an error has occurred while signing the message

setSignatureAlgorithm

public void setSignatureAlgorithm(String signatureAlgorithm)

Parameters:

signatureAlgorithm - signature algorithm

 NOTE: Supported algorithms are available in the SMimePackageEncryptor.SignatureAlgorithm member class.
 for example:  SMimePackageEncryptor.SignatureAlgorithm.SHA1
 

checkSignature

public boolean checkSignature(Package sourcePackage)
                       throws ActionException

Description copied from interface: PackageEncryptor

Verifies the signature of a package with the public key specified in the implementation constructor

Specified by:

checkSignature in interface PackageEncryptor

Parameters:

sourcePackage - the package which signature to check

Returns:

true if the signature can be confirmed with the current set of key pairs

Throws:

ActionException - in case an error has occurred while checking the signature of the message

checkSignatureWithEmbeddedPublicKey

public static boolean checkSignatureWithEmbeddedPublicKey(Package sourcePackage)
                                                   throws ActionException

Parameters:

sourcePackage - the package which signature to check

Returns:

true if the signature can be confirmed with the current set of key pairs passed with the signature

Throws:

ActionException - in case an error has occurred while checking the signature of the message

getKeystoreAliases

public String[] getKeystoreAliases(String keystoreType)
                            throws ActionException

Description copied from interface: PackageEncryptor

Get all aliases in a keystore with specified type

Specified by:

getKeystoreAliases in interface PackageEncryptor

Parameters:

keystoreType - the keystore type ( JKS, PKCS12, ... )

Returns:

array of all aliases in the keystore

Throws:

ActionException - in case an error has occurred while reading the keystore