

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13
14 package org.ejbca.core.protocol;
15
16 import java.io.Serializable JavaDoc;
17 import java.math.BigInteger JavaDoc;
18 import java.security.InvalidKeyException JavaDoc;
19 import java.security.NoSuchAlgorithmException JavaDoc;
20 import java.security.NoSuchProviderException JavaDoc;
21 import java.security.PrivateKey JavaDoc;
22 import java.security.PublicKey JavaDoc;
23 import java.security.cert.Certificate JavaDoc;
24 import java.security.cert.X509Certificate JavaDoc;
25 import java.util.Date JavaDoc;
26
27
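/**
 * Base interface for request messages sent to the CA. The interface extends {@link Serializable}
 * so that implementations can be passed to EJB business methods.
 *
 * <p>All values exposed by the getters originate from the requester. Until {@link #verify()} has
 * returned {@code true} they should be treated as unauthenticated input.
 *
 * <p>NOTE(review): because messages are serializable, the serialized form can carry whatever an
 * implementation stores in its fields, including the request password and, depending on the
 * implementation, the key material handed to {@link #setKeyInfo}. Implementations should keep
 * private keys in {@code transient} fields; confirm against the concrete classes.
 *
 * @version $Id: IRequestMessage.java,v 1.7.2.1 2007/03/28 12:26:54 anatom Exp $
 */
public interface IRequestMessage extends Serializable {
    /**
     * Get the username used to request a certificate from EJBCA.
     *
     * @return The username from the certification request.
     */
    public String getUsername();

    /**
     * Get the password used to request a certificate from EJBCA.
     *
     * <p>The returned value is a credential; callers should not write it to logs or error
     * messages.
     *
     * @return The password from the certification request.
     */
    public String getPassword();

    /**
     * Gets the issuer DN if contained in the request (the CA the request is targeted at).
     *
     * @return issuerDN of receiving CA or null.
     */
    public String getIssuerDN();

    /**
     * Gets the number (of CA cert) from IssuerAndSerialNumber. Combined with getIssuerDN to identify
     * the CA-certificate of the CA the request is targeted for.
     *
     * @return serial number of the CA certificate of the CA the request is targeted for, or null.
     */
    public BigInteger getSerialNo();

    /**
     * Gets the requested DN if contained in the request (the desired DN for the user).
     *
     * @return requested DN or null.
     */
    public String getRequestDN();

    /**
     * Gets the requested altNames if contained in the request (the desired altNames for the user).
     *
     * @return requested altNames or null.
     */
    public String getRequestAltNames();

    /**
     * Gets a validity date from the request, if the request contains a desired validity.
     * The requested validity may or may not be used; that depends on whether
     * allowValidityOverride is set in the certificate profile.
     *
     * @return A date now or in the future for notBefore validity in the certificate, or null if
     *         the request contains no desired validity.
     */
    public Date getRequestValidityNotBefore();

    /**
     * Gets a validity date from the request, if the request contains a desired validity.
     * The requested validity may or may not be used; that depends on whether
     * allowValidityOverride is set in the certificate profile.
     *
     * @return A date in the future for notAfter validity in the certificate, or null if the
     *         request contains no desired validity.
     */
    public Date getRequestValidityNotAfter();

    /**
     * Gets the issuer DN (of CA cert) from IssuerAndSerialNumber when this is a CRL request.
     *
     * @return issuerDN of CA issuing CRL or null.
     */
    public String getCRLIssuerDN();

    /**
     * Gets the number (of CA cert) from IssuerAndSerialNumber when this is a CRL request.
     *
     * @return serial number of CA certificate for CA issuing CRL or null.
     */
    public BigInteger getCRLSerialNo();

    /**
     * Get the public key from a certification request.
     *
     * @return The public key from a certification request.
     *
     * @throws InvalidKeyException If the key is invalid.
     * @throws NoSuchProviderException if there is an error with the Provider.
     * @throws NoSuchAlgorithmException if the key uses an unhandled algorithm.
     */
    public PublicKey getRequestPublicKey()
            throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException;

    /**
     * Verifies signatures, proof of possession (POPO) etc. on the request message. If
     * verification fails the request should be considered invalid.
     *
     * <p>A failed verification is reported through the return value, not through an exception,
     * so callers must check the result before acting on any value read from the request.
     *
     * @return True if verification was successful, false if it failed.
     *
     * @throws InvalidKeyException If the key used for verification is invalid.
     * @throws NoSuchProviderException if there is an error with the Provider.
     * @throws NoSuchAlgorithmException if the signature on the request is done with an unhandled
     *         algorithm.
     */
    public boolean verify()
            throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException;

    /**
     * Indicates if this message needs the recipient's public and private key to verify, decrypt
     * etc. If this returns true, setKeyInfo() should be called.
     *
     * @return True if public and private key is needed.
     */
    public boolean requireKeyInfo();

    /**
     * Sets the public and private key needed to decrypt/verify the message. Must be set if
     * requireKeyInfo() returns true.
     *
     * @param cert certificate containing the public key.
     * @param key private key.
     * @param provider the provider to use; if the private key is on an HSM you must use a special
     *        provider. If null is given, the default BC provider is used.
     *
     * @see #requireKeyInfo()
     */
    public void setKeyInfo(X509Certificate cert, PrivateKey key, String provider);

    /**
     * Returns an error number after an error has occurred processing the request.
     *
     * @return class specific error number
     */
    public int getErrorNo();

    /**
     * Returns an error message after an error has occurred processing the request.
     *
     * @return class specific error message
     */
    public String getErrorText();

    /**
     * Returns a senderNonce if present in the request.
     *
     * @return senderNonce as a string of base64 encoded bytes
     */
    public String getSenderNonce();

    /**
     * Returns a transaction identifier if present in the request.
     *
     * @return transaction id
     */
    public String getTransactionId();

    /**
     * Returns requester's key info, key id or similar.
     *
     * @return request key info
     */
    public byte[] getRequestKeyInfo();

    /**
     * Returns the name of the preferred Digest algorithm to be used in the response if applicable.
     * Defaults to CMSSignedGenerator.DIGEST_SHA1 for normal messages, but to MD5 for SCEP messages.
     * If the SCEP request is digested with SHA1 it is set to SHA1 though.
     *
     * <p>MD5 and SHA-1 are not collision resistant. Where the peer supports it, code that chooses
     * the response digest should prefer a SHA-2 algorithm over these defaults.
     *
     * @return oid of digest algorithm ex CMSSignedGenerator.DIGEST_SHA1, SHA256 etc
     */
    public String getPreferredDigestAlg();

    /**
     * If the CA certificate should be included in the response or not, default to true = yes.
     * Not applicable for all request/response types.
     *
     * @return true or false
     */
    public boolean includeCACert();

    /**
     * Sometimes (CMP) the response identifier sent depends on which request identifier was used,
     * even if the messages themselves are the same messages.
     *
     * @return which type of request message the response is in response to
     */
    public int getRequestType();

    /**
     * For some types of request-responses there is a need for a requestId to match the request and
     * the response together.
     *
     * @return the id from the request, to be matched by the response
     */
    public int getRequestId();

    /**
     * Create a response class with information from the request. Information such as nonces etc.
     * are taken from the request to match the response. The response can be signed and encrypted
     * if the class so requires.
     *
     * <p>NOTE(review): the parameter descriptions below are inferred from the parameter names and
     * the sentence above; confirm against the implementations. If implementations instantiate
     * {@code responseClass} reflectively, it should come from trusted configuration and never
     * from request data.
     *
     * @param responseClass the response class to create
     * @param req the request the response answers
     * @param cert presumably the certificate used when signing the response
     * @param signPriv presumably the private key used to sign the response
     * @param encPriv presumably the private key used for the response's encryption handling
     * @param provider the provider to use for the key operations
     * @return IResponseMessage
     */
    public IResponseMessage createResponseMessage(Class responseClass, IRequestMessage req, Certificate cert, PrivateKey signPriv, PrivateKey encPriv, String provider);

}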