Package com.axway.ats.action.security
Class SMimePackageEncryptor
java.lang.Object
    com.axway.ats.action.security.SMimePackageEncryptor

All Implemented Interfaces:
    PackageEncryptor

public class SMimePackageEncryptor extends Object implements PackageEncryptor

Nested Class Summary
Modifier and Type    Class
static class         SMimePackageEncryptor.Cipher
static class         SMimePackageEncryptor.SignatureAlgorithm

Field Summary
Modifier and Type    Field
static String        CONTENT_TYPE_MULTIPART_SIGNED
static String        JKS_KEYSTORE_TYPE
static String        PKCS12_KEYSTORE_TYPE

Constructor Summary
SMimePackageEncryptor(String location, String password)
    Create new instance for work with S/MIME mails using specified key store.
SMimePackageEncryptor(String location, String password, String aliasOrCN)
    Create new instance for work with S/MIME mails using specified key store and alias.
SMimePackageEncryptor(List<String> locations, List<String> passwords, List<String> aliasOrCNs)
    Create new instance for work with S/MIME mails using specified key stores and aliases.

Method Summary
boolean checkSignature(Package sourcePackage)
    Verifies the signature of a package with the public key specified in the implementation constructor.
static boolean checkSignatureWithEmbeddedPublicKey(Package sourcePackage)
Package decrypt(Package sourcePackage)
    Decrypts a message (like MimePackage) using the arguments provided in the PackageEncryptor implementation constructor.
Package encrypt(Package source)
    Encrypts the given package (like MimePackage) using the arguments provided in the PackageEncryptor implementation constructor.
String[] getKeystoreAliases(String keystoreType)
    Get all aliases in a keystore with specified type.
void setEncryptionCipher(String cipher)
    Set cipher ID to be used for encryption algorithm. Use member class SMimePackageEncryptor.Cipher for common values.
void setSignatureAlgorithm(String signatureAlgorithm)
Package sign(Package sourcePackage)
    Signs a Package.

Field Detail

CONTENT_TYPE_MULTIPART_SIGNED
public static final String CONTENT_TYPE_MULTIPART_SIGNED
See Also: Constant Field Values

JKS_KEYSTORE_TYPE
public static final String JKS_KEYSTORE_TYPE
See Also: Constant Field Values

PKCS12_KEYSTORE_TYPE
public static final String PKCS12_KEYSTORE_TYPE
See Also: Constant Field Values

Constructor Detail

SMimePackageEncryptor
public SMimePackageEncryptor(String location, String password, String aliasOrCN)
Create new instance for work with S/MIME mails using specified key store and alias.
Parameters:
    location - the location (path and filename) of the file containing the keystore/certificate (chain)
    password - the password to access the given keystore or 'null' if there is no password
    aliasOrCN - the key pair alias or a CN (Common Name) if there is no private key

SMimePackageEncryptor
public SMimePackageEncryptor(String location, String password)
Create new instance for work with S/MIME mails using specified key store.
This constructor is used when the key alias is not known; all the keys in the keystore will be tried for decryption and for checking the signature. Methods that require a key alias, such as encryption and signing, will throw an exception.
Parameters:
    location - the location (path and filename) of the file containing the keystore
    password - the password to access the given keystore

SMimePackageEncryptor
public SMimePackageEncryptor(List<String> locations, List<String> passwords, List<String> aliasOrCNs) throws ActionException
Create new instance for work with S/MIME mails using specified key stores and aliases.
This constructor should be used when sending a mail to more than one recipient. A list of certificates is passed, so the symmetric key (used to encrypt the mail) will be encrypted many times (once per certificate). This way each recipient will be able to decrypt the mail using his own certificate.
Parameters:
    locations - the locations (path and filename) of the files containing the keystore/certificate (chain)
    passwords - the passwords to access the given keystores or 'null' if there is no password
    aliasOrCNs - the key pair aliases or CNs (Common Name) if there is no private key
Throws:
    ActionException
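
The multi-recipient scheme described for this constructor, shown with plain JCA classes as an added example; it is not ATS code and does not reproduce how SMimePackageEncryptor builds the S/MIME (CMS) structure. The recipient names, the in-memory RSA key pairs, the RSA-OAEP key wrapping and the class name MultiRecipientEnvelopeDemo are assumptions made for the illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;

// Added illustration of one content key wrapped once per recipient; not ATS code.
public class MultiRecipientEnvelopeDemo {
    static final String WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final String BODY = "AES/CBC/PKCS5Padding";

    public static void main(String[] args) throws Exception {
        // Constructed recipients; with ATS these would come from the keystores and aliases.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        Map<String, KeyPair> recipients = new LinkedHashMap<>();
        recipients.put("alice", kpg.generateKeyPair());
        recipients.put("bob", kpg.generateKeyPair());

        // One symmetric content-encryption key and IV for the whole message.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey cek = kg.generateKey();
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        Cipher body = Cipher.getInstance(BODY);
        body.init(Cipher.ENCRYPT_MODE, cek, new IvParameterSpec(iv));
        byte[] ciphertext = body.doFinal("constructed mail body".getBytes(StandardCharsets.UTF_8));

        // The same key is wrapped once per recipient public key (certificate).
        Map<String, byte[]> wrappedKeys = new LinkedHashMap<>();
        for (Map.Entry<String, KeyPair> r : recipients.entrySet()) {
            Cipher wrap = Cipher.getInstance(WRAP);
            wrap.init(Cipher.WRAP_MODE, r.getValue().getPublic());
            wrappedKeys.put(r.getKey(), wrap.wrap(cek));
        }

        // Each recipient unwraps only their own entry with their private key.
        for (Map.Entry<String, KeyPair> r : recipients.entrySet()) {
            Cipher unwrap = Cipher.getInstance(WRAP);
            unwrap.init(Cipher.UNWRAP_MODE, r.getValue().getPrivate());
            SecretKey k = (SecretKey) unwrap.unwrap(wrappedKeys.get(r.getKey()), "AES", Cipher.SECRET_KEY);
            Cipher dec = Cipher.getInstance(BODY);
            dec.init(Cipher.DECRYPT_MODE, k, new IvParameterSpec(iv));
            String plain = new String(dec.doFinal(ciphertext), StandardCharsets.UTF_8);
            System.out.println(r.getKey() + " decrypted: " + plain);
        }
    }
}
```

The message body is encrypted once; only the small wrapped-key entry grows with the number of recipients, and a recipient whose private key is absent from the keystore cannot recover the content key.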

Method Detail

setEncryptionCipher
public void setEncryptionCipher(String cipher)
Set cipher ID to be used for encryption algorithm. Use member class SMimePackageEncryptor.Cipher for common values. Current default is AES_128_CBC.
Parameters:
    cipher - Example: SMimePackageEncryptor.Cipher.AES128_CBC

encrypt
public Package encrypt(Package source) throws ActionException
Description copied from interface: PackageEncryptor
Encrypts the given package (like MimePackage) using the arguments provided in the PackageEncryptor implementation constructor.
Specified by:
    encrypt in interface PackageEncryptor
Parameters:
    source - the package to encrypt
Returns:
    the encrypted Package
Throws:
    ActionException - in case an encryption error occurs

decrypt
public Package decrypt(Package sourcePackage) throws ActionException
Description copied from interface: PackageEncryptor
Decrypts a message (like MimePackage) using the arguments provided in the PackageEncryptor implementation constructor.
Specified by:
    decrypt in interface PackageEncryptor
Parameters:
    sourcePackage - the package to decrypt
Returns:
    the decrypted Package
Throws:
    ActionException - in case a decryption error occurs

sign
public Package sign(Package sourcePackage) throws ActionException
Description copied from interface: PackageEncryptor
Signs a Package.
Specified by:
    sign in interface PackageEncryptor
Parameters:
    sourcePackage - the package to sign
Returns:
    the new signed Package
Throws:
    ActionException - in case an error has occurred while signing the message

setSignatureAlgorithm
public void setSignatureAlgorithm(String signatureAlgorithm)
Parameters:
    signatureAlgorithm - signature algorithm
    NOTE: Supported algorithms are available in the SMimePackageEncryptor.SignatureAlgorithm member class, for example: SMimePackageEncryptor.SignatureAlgorithm.SHA1

checkSignature
public boolean checkSignature(Package sourcePackage) throws ActionException
Description copied from interface: PackageEncryptor
Verifies the signature of a package with the public key specified in the implementation constructor.
Specified by:
    checkSignature in interface PackageEncryptor
Parameters:
    sourcePackage - the package whose signature to check
Returns:
    true if the signature can be confirmed with the current set of key pairs
Throws:
    ActionException - in case an error has occurred while checking the signature of the message

checkSignatureWithEmbeddedPublicKey
public static boolean checkSignatureWithEmbeddedPublicKey(Package sourcePackage) throws ActionException
Parameters:
    sourcePackage - the package whose signature to check
Returns:
    true if the signature can be confirmed with the current set of key pairs passed with the signature
Throws:
    ActionException - in case an error has occurred while checking the signature of the message

getKeystoreAliases
public String[] getKeystoreAliases(String keystoreType) throws ActionException
Description copied from interface: PackageEncryptor
Get all aliases in a keystore with specified type.
Specified by:
    getKeystoreAliases in interface PackageEncryptor
Parameters:
    keystoreType - the keystore type (JKS, PKCS12, ...)
Returns:
    array of all aliases in the keystore
Throws:
    ActionException - in case an error has occurred while reading the keystore