

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13
14 package org.ejbca.core.protocol;
15
16 import java.io.IOException JavaDoc;
17 import java.io.Serializable JavaDoc;
18 import java.security.InvalidKeyException JavaDoc;
19 import java.security.NoSuchAlgorithmException JavaDoc;
20 import java.security.NoSuchProviderException JavaDoc;
21 import java.security.PrivateKey JavaDoc;
22 import java.security.cert.CRL JavaDoc;
23 import java.security.cert.Certificate JavaDoc;
24 import java.security.cert.CertificateEncodingException JavaDoc;
25 import java.security.cert.X509Certificate JavaDoc;
26
27 import org.ejbca.core.model.ca.SignRequestException;
28 import org.ejbca.core.model.ra.NotFoundException;
29
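/**
 * Base interface for response messages sent from the CA. Implementors of this interface must also
 * implement Serializable if they are to be sent to any EJB business methods.
 *
 * <p>Typical call order (note that {@link #create()} must run before
 * {@link #getResponseMessage()}, and its return value must be checked):
 * <pre>
 * ResponseMessage resp = new ResponseMessage();
 * resp.setCertificate(cert);
 * resp.setStatus(OK);
 * if (resp.requireSignKeyInfo()) {
 *     resp.setSignKeyInfo(signcert, signkey, provider);
 * }
 * if (resp.requireEncKeyInfo()) {
 *     resp.setEncKeyInfo(enccert, enckey, provider);
 * }
 * if (resp.create()) {
 *     byte[] responseMessage = resp.getResponseMessage();
 * }
 * </pre>
 *
 * @version $Id: IResponseMessage.java,v 1.4 2006/10/22 09:05:05 anatom Exp $
 */
public interface IResponseMessage extends Serializable {

    /**
     * Sets the complete certificate in the response message.
     *
     * @param cert certificate in the response message.
     */
    public void setCertificate(Certificate cert);

    /**
     * Sets the CRL (if present) in the response message.
     *
     * @param crl crl in the response message.
     */
    public void setCrl(CRL crl);

    /**
     * Determines if the CA certificate should be included in the response message, if
     * applicable for the response message type.
     *
     * @param incCACert true to include the CA certificate, false to leave it out.
     */
    public void setIncludeCACert(boolean incCACert);

    /**
     * Gets the response message in the default encoding format. The message is only complete
     * after {@link #create()} has been called.
     *
     * @return the response message in the default encoding format.
     *
     * @throws IOException declared for input/output or encoding failures; the exact conditions
     *         are defined by the implementation.
     * @throws CertificateEncodingException declared for certificate encoding failures; the exact
     *         conditions are defined by the implementation.
     */
    public byte[] getResponseMessage() throws IOException, CertificateEncodingException;

    /**
     * Sets the status of the response message.
     *
     * @param status status of the response.
     */
    public void setStatus(ResponseStatus status);

    /**
     * Gets the status of the response message.
     *
     * @return status of the response.
     */
    public ResponseStatus getStatus();

    /**
     * Sets info about reason for failure.
     *
     * @param failInfo reason for failure.
     */
    public void setFailInfo(FailInfo failInfo);

    /**
     * Gets info about reason for failure.
     *
     * @return reason for failure.
     */
    public FailInfo getFailInfo();

    /**
     * Sets clear text info about reason for failure.
     *
     * <p>NOTE(review): this text is presumably carried in the response returned to the
     * requester - confirm in the implementations, and if so keep internal detail (stack traces,
     * file paths, database errors) out of it.
     *
     * @param failText description about failure.
     */
    public void setFailText(String failText);

    /**
     * Gets clear text info about reason for failure.
     *
     * @return description about failure.
     */
    public String getFailText();

    /**
     * Encrypts and creates signatures as needed to produce a complete response message. If
     * needed, setSignKeyInfo and setEncKeyInfo must be called before this method. After this is
     * called the response message can be retrieved with getResponseMessage().
     *
     * <p>Callers must check the return value: a {@code false} result means signing or encryption
     * failed and the message must not be sent back.
     *
     * @return True if signature/encryption was successful, false if it failed; the message should
     *         not be sent back if it failed.
     *
     * @throws IOException If input/output or encoding failed.
     * @throws InvalidKeyException If the key used for signing/encryption is invalid.
     * @throws NoSuchProviderException if there is an error with the Provider.
     * @throws NoSuchAlgorithmException if the signature on the request is done with an unhandled
     *         algorithm.
     * @throws SignRequestException declared by this method; the condition is defined by the
     *         implementation.
     * @throws NotFoundException declared by this method; the condition is defined by the
     *         implementation.
     *
     * @see #setSignKeyInfo
     * @see #setEncKeyInfo
     */
    public boolean create()
            throws IOException, InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignRequestException, NotFoundException;

    /**
     * Indicates if this message needs recipients public and private key to sign. If this returns
     * true, setSignKeyInfo() should be called.
     *
     * @return True if public and private key is needed.
     */
    public boolean requireSignKeyInfo();

    /**
     * Indicates if this message needs recipients public and private key to encrypt. If this
     * returns true, setEncKeyInfo() should be called.
     *
     * @return True if public and private key is needed.
     */
    public boolean requireEncKeyInfo();

    /**
     * Sets the public and private key needed to sign the message. Must be set if
     * requireSignKeyInfo() returns true.
     *
     * <p>NOTE(review): this type is {@link Serializable} and instances may be passed to EJB
     * business methods. Verify how implementations store {@code key}; a non-transient field
     * would write private key material out whenever the message object is serialized.
     *
     * @param cert certificate containing the public key.
     * @param key private key.
     * @param provider the provider to use, if the private key is on a HSM you must use a special
     *        provider. If null is given, the default BC provider is used.
     *
     * @see #requireSignKeyInfo()
     */
    public void setSignKeyInfo(X509Certificate cert, PrivateKey key, String provider);

    /**
     * Sets the public and private key needed to encrypt the message. Must be set if
     * requireEncKeyInfo() returns true.
     *
     * <p>NOTE(review): this type is {@link Serializable} and instances may be passed to EJB
     * business methods. Verify how implementations store {@code key}; a non-transient field
     * would write private key material out whenever the message object is serialized.
     *
     * @param cert certificate containing the public key.
     * @param key private key.
     * @param provider the provider to use, if the private key is on a HSM you must use a special
     *        provider. If null is given, the default BC provider is used.
     *
     * @see #requireEncKeyInfo()
     */
    public void setEncKeyInfo(X509Certificate cert, PrivateKey key, String provider);

    /**
     * Sets a senderNonce if it should be present in the response.
     *
     * @param senderNonce a string of base64 encoded bytes
     */
    public void setSenderNonce(String senderNonce);

    /**
     * Sets a recipientNonce if it should be present in the response.
     *
     * <p>NOTE(review): presumably this is the nonce taken from the request being answered, so
     * the requester can match the response to it - confirm against the implementing protocol.
     *
     * @param recipientNonce a string of base64 encoded bytes
     */
    public void setRecipientNonce(String recipientNonce);

    /**
     * Sets a transaction identifier if it should be present in the response.
     *
     * @param transactionId transaction id
     */
    public void setTransactionId(String transactionId);

    /**
     * Sets recipient key info, key id or similar. This is usually the request key info from the request message.
     *
     * @param recipientKeyInfo key info
     */
    public void setRecipientKeyInfo(byte[] recipientKeyInfo);

    /**
     * Sets preferred digest algorithm for the response message, if applicable.
     * If this is not called, a default is used.
     *
     * <p>MD5 and SHA1 are accepted here but are not collision resistant; prefer SHA256 or
     * stronger for signed responses, and use the weaker digests only where a legacy client
     * cannot verify anything else.
     *
     * @param digest oid of digest algorithm ex CMSSignedDataGenerator.MD5, SHA1, SHA256 etc
     */
    public void setPreferredDigestAlg(String digest);

    /**
     * Sometimes (CMP) the response identifier sent depends on which request identifier was used,
     * even if the messages themselves are the same messages.
     *
     * @param reqtype which type of request message this response is in response to
     */
    public void setRequestType(int reqtype);

    /**
     * For some types of request-responses there is a need for a requestId to match the request and the
     * response together.
     *
     * @param reqid the id from the request matching to this response
     */
    public void setRequestId(int reqid);

    /**
     * For some types of requests, the protection used depends on parameters from the request,
     * for example password based protection where algorithms, keyId etc is the same in the response as in the request.
     *
     * @param reqMsg the request from where to pick protection parameters
     */
    public void setProtectionParamsFromRequest(IRequestMessage reqMsg);
}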