public interface KgssService
The eHealth-platform Key Generation and Storage Service (KGSS) provides a web service interface to create a new key using the getNewKey
operation and to retrieve an existing key using the getKey operation. The services provided via this technical connector allow the
invocation of both operations based on a specific set of input criteria. For security reasons, the business payload of the information
exchanged with the KGSS is encrypted using the eHealth-platform End-to-End Encryption approach for addressed messages. In contrast to
the other technical services provided as part of this technical API, this service encapsulates the actual encryption and decryption of the
business message payload.
Default impl : KgssServiceImpl
Method Summary | |
---|---|
KeyResult | getKey(GetKeyRequestContent request, byte[] kgssETK, SessionItem session): Gets the key. |
GetKeyResponseContent | getKey(GetKeyRequestContent request, Credential encryption, Credential serviceCredential, Element samlAssertion, Map<String,PrivateKey> decryptionKeys, byte[] etk): Ask the eHealth-platform Key Generation and Storage Service (KGSS) to retrieve a key, based on a given key identifier. |
KeyResult | getNewKey(GetNewKeyRequestContent request, byte[] kgssETK): Asks KGSS to generate and store a new key. |
GetNewKeyResponseContent | getNewKey(GetNewKeyRequestContent request, Credential encryptionCredential, Map<String,PrivateKey> decryptionKeys, byte[] kgssETK): Ask the eHealth-platform Key Generation and Storage Service (KGSS) to generate and store a new key, and return the identifier. |
Method Detail |
---|
KeyResult getNewKey(GetNewKeyRequestContent request, byte[] kgssETK) throws TechnicalConnectorException

Parameters:
request
- the request
kgssETK
- the kgss etk

Throws:
TechnicalConnectorException
- the technical connector exception

KeyResult getKey(GetKeyRequestContent request, byte[] kgssETK, SessionItem session) throws TechnicalConnectorException

Parameters:
request
- the request
kgssETK
- the kgss etk
session
- the session

Throws:
TechnicalConnectorException
- the technical connector exception

GetNewKeyResponseContent getNewKey(GetNewKeyRequestContent request, Credential encryptionCredential, Map<String,PrivateKey> decryptionKeys, byte[] kgssETK) throws TechnicalConnectorException

Parameters:
request
- Business content to request a new key.
encryptionCredential
- The credential to use for sealing the message contents: the certificate is used to seal the request, and the
private key is embedded in the request
decryptionKeys
- The decryption keys available for decrypting the message received from KGSS; you can use the ETEE tool to
retrieve the decryption keys from your KeyStore
kgssETK
- ETK of the KGSS as retrieved via the Key Depot getETK operation

Throws:
TechnicalConnectorException
- When a technical exception occurs

GetKeyResponseContent getKey(GetKeyRequestContent request, Credential encryption, Credential serviceCredential, Element samlAssertion, Map<String,PrivateKey> decryptionKeys, byte[] etk) throws TechnicalConnectorException

Parameters:
request
- Business content to request a key.
encryption
- The credential to use for sealing the message contents: the certificate is used to seal the request, and the private
key is embedded in the request
serviceCredential
- The credential to use in combination with your SAML assertion
samlAssertion
- The SAML assertion you got back from STS to authenticate your request
decryptionKeys
- The decryption keys available for decrypting the message received from KGSS; you can use the ETEE tool to
retrieve the decryption keys from your KeyStore
etk
- ETK of the KGSS as retrieved via the Key Depot getETK operation

Throws:
TechnicalConnectorException
- When a technical exception occurs