com.sap.security.api.ssf
Interface ISsfData

All Known Implementing Classes:
SsfDataSMIME, SsfDataPKCS7, SsfDataXML

public interface ISsfData

Interface for representing data to be digitally signed, verified, encrypted or decrypted.


Field Summary
static java.lang.String ALG_AES128_CBC
          Name of symmetric encryption algorithm AES (128 bit) in CBC mode.
static java.lang.String ALG_DES_EDE3_CBC
          Name of symmetric encryption algorithm triple DES in CBC mode.
static java.lang.String ALG_MD5
          Name of message digest algorithm MD5.
static java.lang.String ALG_RC2_40_CBC
          Name of symmetric encryption algorithm RC2 (40 bit) in CBC mode.
static java.lang.String ALG_RC2_CBC
          Name of symmetric encryption algorithm RC2 (128 bit) in CBC mode.
static java.lang.String ALG_SHA
          Name of message digest algorithm SHA-1.
static int INC_CERT_CHAIN
          Include certificate chain without root when creating a digital signature (default).
static int INC_CERT_CHAIN_ROOT
          Include certificate chain with root when creating a digital signature.
static int INC_CERT_NONE
          Do not include any certificates when creating a digital signature.
static int INC_CERT_OWN
          Include own certificate when creating a digital signature.
 
Method Summary
 boolean decrypt(ISsfProfile profile)
          Decrypts the given data.
 boolean encrypt(SsfSigRcpList rcpList, ISsfPab pab)
          Encrypts the given data.
 boolean encrypt(SsfSigRcpList rcpList, ISsfPab pab, java.lang.String symAlg)
          Encrypts the given data.
 boolean sign(ISsfProfile profile)
          Creates a digital signature of the given data.
 boolean sign(ISsfProfile profile, java.lang.String mdAlg, int incCerts, boolean detached)
          Creates a digital signature of the given data.
 boolean verify(ISsfPab pab, SsfSigRcpList sigList)
          Verifies a digital signature of the given data.
 boolean verify(ISsfPab pab, SsfSigRcpList sigList, ISsfData input, java.security.cert.X509Certificate cert)
          Verifies a digital signature of the given data.
 boolean writeTo(java.io.OutputStream Out)
          Writes the changed data to an output stream.
 

Field Detail

ALG_SHA

public static final java.lang.String ALG_SHA
Name of message digest algorithm SHA-1.

ALG_MD5

public static final java.lang.String ALG_MD5
Name of message digest algorithm MD5.

ALG_AES128_CBC

public static final java.lang.String ALG_AES128_CBC
Name of symmetric encryption algorithm AES (128 bit) in CBC mode.

ALG_DES_EDE3_CBC

public static final java.lang.String ALG_DES_EDE3_CBC
Name of symmetric encryption algorithm triple DES in CBC mode.

ALG_RC2_40_CBC

public static final java.lang.String ALG_RC2_40_CBC
Name of symmetric encryption algorithm RC2 (40 bit) in CBC mode.

ALG_RC2_CBC

public static final java.lang.String ALG_RC2_CBC
Name of symmetric encryption algorithm RC2 (128 bit) in CBC mode.

INC_CERT_NONE

public static final int INC_CERT_NONE
Do not include any certificates when creating a digital signature.

INC_CERT_OWN

public static final int INC_CERT_OWN
Include own certificate when creating a digital signature.

INC_CERT_CHAIN

public static final int INC_CERT_CHAIN
Include certificate chain without root when creating a digital signature (default).

INC_CERT_CHAIN_ROOT

public static final int INC_CERT_CHAIN_ROOT
Include certificate chain with root when creating a digital signature.

Method Detail

sign

public boolean sign(ISsfProfile profile)
             throws SsfInvalidKeyException
Creates a digital signature of the given data.
Parameters:
profile - containing the secret key of the signer
Returns:
sign(profile, INC_CERT_CHAIN, ALG_SHA1)
Throws:
SsfInvalidKeyException - if invalid key is used

sign

public boolean sign(ISsfProfile profile,
                    java.lang.String mdAlg,
                    int incCerts,
                    boolean detached)
             throws SsfInvalidKeyException,
                    SsfInvalidAlgException
Creates a digital signature of the given data.
Parameters:
profile - containing the secret key of the signer
mdAlg - message digest algorithm used to hash the data
incCerts - determines whether certificates should be included
detached - if true, do not include the data in the signature
Returns:
sign(profile, ALG_SHA, INC_CERT_CHAIN, false)
Throws:
SsfInvalidKeyException - if invalid key is used
SsfInvalidAlgException - if invalid algorithm is used

verify

public boolean verify(ISsfPab pab,
                      SsfSigRcpList sigList)
               throws SsfInvalidDataException
Verifies a digital signature of the given data.
Parameters:
pab - personal address book containing trusted certificates (if null, all certificates are considered as trusted, i.e. the signer certificates must be validated by the caller)
sigList - list of signer information
Returns:
verify(pab, null, signer)
Throws:
SsfInvalidDataException - if given data is not digitally signed

verify

public boolean verify(ISsfPab pab,
                      SsfSigRcpList sigList,
                      ISsfData input,
                      java.security.cert.X509Certificate cert)
               throws SsfInvalidDataException
Verifies a digital signature of the given data.
Parameters:
pab - personal address book containing trusted certificates (if null, all certificates are considered as trusted, i.e. the signer certificates must be validated by the caller)
sigList - list of signer information
input - unsigned data (provide only in case of detached signature, in case of attached signature pass null)
cert - certificate to be used for verification (if null, use certificate included in signed data)
Returns:
true if (at least one) signature could be verified
Throws:
SsfInvalidDataException - if given data is not digitally signed
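
When pab is null, verify treats every certificate as trusted, so the caller has to establish trust first. The following is an added example, not part of the SAP documentation or SAP's code: it validates the signer chain with the JDK's PKIX validator and only then calls the four-argument verify with the validated certificate. The class name, the helper name, its parameters and the package of the SSF types are assumptions; how the caller obtains the signer chain and the trusted roots is outside its scope.

```java
import com.sap.security.api.ssf.*;   // assumption: all SSF types live in this package
import java.security.GeneralSecurityException;
import java.security.cert.*;
import java.util.*;

public final class CallerValidatedVerify {   // hypothetical class name

    /**
     * Validates the signer chain with PKIX, then verifies with pab == null.
     * signerChain: signer certificate first, trusted root excluded.
     * detachedInput: unsigned data for a detached signature, null if attached.
     */
    public static boolean verifyWithCallerTrust(ISsfData signed, ISsfData detachedInput,
            SsfSigRcpList sigList, List<X509Certificate> signerChain,
            Set<X509Certificate> trustedRoots, boolean checkRevocation)
            throws GeneralSecurityException, SsfInvalidDataException {

        if (signerChain == null || signerChain.isEmpty()
                || trustedRoots == null || trustedRoots.isEmpty()) {
            throw new CertificateException("signer chain and trust anchors are required");
        }
        X509Certificate signer = signerChain.get(0);

        // keyUsage bit 0 = digitalSignature, bit 1 = nonRepudiation.
        boolean[] ku = signer.getKeyUsage();
        if (ku != null && !(ku[0] || ku[1])) {
            throw new CertificateException("certificate is not permitted to sign");
        }

        Set<TrustAnchor> anchors = new HashSet<>();
        for (X509Certificate root : trustedRoots) {
            anchors.add(new TrustAnchor(root, null));
        }
        PKIXParameters params = new PKIXParameters(anchors);
        params.setRevocationEnabled(checkRevocation); // true needs CRL/OCSP sources configured

        CertPath path = CertificateFactory.getInstance("X.509").generateCertPath(signerChain);
        // Throws CertPathValidatorException on an untrusted, expired or revoked chain.
        CertPathValidator.getInstance("PKIX").validate(path, params);

        // Trust is established above, so the null address book is acceptable here.
        // Passing the validated certificate pins verification to it instead of
        // whatever certificate is embedded in the signed data.
        return signed.verify(null, sigList, detachedInput, signer);
    }
}
```

A true result means at least one signature verified against the supplied certificate; a chain that fails validation raises an exception before verify is ever called.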

encrypt

public boolean encrypt(SsfSigRcpList rcpList,
                       ISsfPab pab)
                throws SsfInvalidKeyException
Encrypts the given data.
Parameters:
rcpList - list of recipients of encrypted data
pab - personal address book containing trusted certificates
Returns:
encrypt(rcp, pab, ALG_AES128_CBC)
Throws:
SsfInvalidKeyException - if invalid key is used

encrypt

public boolean encrypt(SsfSigRcpList rcpList,
                       ISsfPab pab,
                       java.lang.String symAlg)
                throws SsfInvalidKeyException,
                       SsfInvalidAlgException
Encrypts the given data.
Parameters:
rcpList - list of recipients of encrypted data
pab - personal address book containing the certificate of the recipient (if null, all certificates are considered as trusted)
symAlg - name of symmetric encryption algorithm
Returns:
true if data could be encrypted for all recipients
Throws:
SsfInvalidKeyException - if invalid key is used
SsfInvalidAlgException - if invalid algorithm is used

decrypt

public boolean decrypt(ISsfProfile profile)
                throws SsfInvalidKeyException,
                       SsfInvalidDataException
Decrypts the given data.
Parameters:
profile - containing the secret key of the recipient
Returns:
true if encrypted data could be decrypted
Throws:
SsfInvalidKeyException - if invalid key is used
SsfInvalidDataException - if given data is not encrypted

writeTo

public boolean writeTo(java.io.OutputStream Out)
                throws java.io.IOException
Writes the changed data to an output stream.
Parameters:
out - output stream
Returns:
true if data could be written
Throws:
java.io.IOException - if an I/O error occurs