DataSealChecker (End-To-End Encryption - Crypto

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

be.fgov.ehealth.etee.crypto.decrypt
Interface DataSealChecker

public interface DataSealChecker

Verify if outer signature is according to specified policies (ocsp, signing, encryption).

Method Summary
`CryptoResult<UnsealedData>`	`stamp(byte[] data, byte[] timestamp)` Puts a timestamp on sealed data to prove that it existed in that state on a certain moment in time.
`CryptoResult<UnsealedData>`	`stamp(java.io.InputStream data, java.io.OutputStream stampedData, byte[] timestamp)` Puts a timestamp on sealed data to prove that it existed in that state on a certain moment in time.
`CryptoResult<UnsealedData>`	`stamp(java.io.InputStream data, java.io.OutputStream stampedData, byte[] timestamp, DataPipe pipe)` Puts a timestamp on sealed data to prove that it existed in that state on a certain moment in time. The updated sealed message will be written into the given outputstream.
`CryptoResult<UnsealedData>`	`validate(byte[] data)` Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption). Different levels of notifications can be added to the result (warning, error, fatal). Additional data from the result can be used for further verifications.
`CryptoResult<UnsealedData>`	`validate(byte[] data, SigningCredential... signers)` Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption). Different levels of notifications can be added to the result (warning, error, fatal). Additional data from the result can be used for further verifications. If credential(s) of a signer are given, message must be signed with one of the given credentials.
`CryptoResult<UnsealedData>`	`validate(java.io.InputStream data, java.io.OutputStream verifiedData)` Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption). Different levels of notifications can be added to the result (warning, error, fatal). Additional data from the result can be used for further verifications.
`CryptoResult<UnsealedData>`	`validate(java.io.InputStream data, java.io.OutputStream verifiedData, DataPipe pipe)` Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption). Different levels of notifications can be added to the result (warning, error, fatal). Additional data from the result can be used for further verifications.
`CryptoResult<UnsealedData>`	`validate(java.io.InputStream data, java.io.OutputStream verifiedData, DataPipe pipe, SigningCredential... signers)` Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption). Different levels of notifications can be added to the result (warning, error, fatal). Additional data from the result can be used for further verifications. If credential(s) of a signer are given, message must be signed with one of the given credentials.
`CryptoResult<UnsealedData>`	`validate(java.io.InputStream data, java.io.OutputStream verifiedData, SigningCredential... signers)` Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption). Different levels of notifications can be added to the result (warning, error, fatal). Additional data from the result can be used for further verifications. If credential(s) of a signer are given, message must be signed with one of the given credentials.

Method Detail

validate

CryptoResult<UnsealedData> validate(byte[] data)

Parameters:: data - sealed data
Returns:: result of verification

validate

CryptoResult<UnsealedData> validate(byte[] data,
                                    SigningCredential... signers)

Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption).
Different levels of notifications can be added to the result (warning, error, fatal).
Additional data from the result can be used for further verifications.
If credential(s) of a signer are given, message must be signed with one of the given credentials. It is possible to configure this service to let it embed an OCSPResponse into the sealed message on verification of the outer signature. See OCSPOption. The updated sealed message will be available in the result object.

Parameters:: data - sealed data; signers - - credential(s) of expected signer
Returns:: result of verification

validate

CryptoResult<UnsealedData> validate(java.io.InputStream data,
                                    java.io.OutputStream verifiedData)

Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption).
Different levels of notifications can be added to the result (warning, error, fatal).
Additional data from the result can be used for further verifications. It is possible to configure this service to let it embed an OCSPResponse into the sealed message on verification of the outer signature. See OCSPOption. The updated sealed message will be written into the given outputstream.
Caution
To add an OCSPResponse to an allready sealed message as an unsigned attribute, the sealed inputstream must be read twice:

Once to load the SignerInfo of the message
Once as input to update the SignerInfo of the message with the OCSPResponse and write it to the outputstream

This method will use an in memory dataPipe to pass the information from the first to the second inputstream. This may have impact on streaming large messages.

Parameters:: data - sealed data stream; verifiedData - stream to write sealed data after processing
Returns:: result of verification

validate

CryptoResult<UnsealedData> validate(java.io.InputStream data,
                                    java.io.OutputStream verifiedData,
                                    SigningCredential... signers)

Once to load the SignerInfo of the message
Once as input to update the SignerInfo of the message with the OCSPResponse and write it to the outputstream

This method will use an in memory dataPipe to pass the information from the first to the second inputstream. This may have impact on streaming large messages.

Parameters:: data - sealed data stream; verifiedData - stream to write sealed data after processing; signers - - credential(s) of expected signer
Returns:: result of verification

validate

CryptoResult<UnsealedData> validate(java.io.InputStream data,
                                    java.io.OutputStream verifiedData,
                                    DataPipe pipe)

Verify if the sealed data is acceptable according to specified policies (ocsp, signing, encryption).
Different levels of notifications can be added to the result (warning, error, fatal).
Additional data from the result can be used for further verifications. It is possible to configure this service to let it embed an OCSPResponse into the sealed message on verification of the outer signature. See OCSPOption. The updated sealed message will be written into the given outputstream.
Caution
To add an OCSPResponse to an allready sealed message as an unsigned attribute, the sealed inputstream must be read twice:

Once to load the SignerInfo of the message
Once as input to update the SignerInfo of the message with the OCSPResponse and write it to the outputstream

How the data is passed from the first to the second inputstream, depends on the implememtation of the DataPipe, given in the input. This may have impact on streaming large messages.

Parameters:: data - sealed data stream; verifiedData - stream to write sealed data after processing; pipe - used to store the incoming data while loading the signed info of the cms message and to retrieve a stream to update the cms message with revocation information
Returns:: result of verification

validate

CryptoResult<UnsealedData> validate(java.io.InputStream data,
                                    java.io.OutputStream verifiedData,
                                    DataPipe pipe,
                                    SigningCredential... signers)

Once to load the SignerInfo of the message
Once as input to update the SignerInfo of the message with the OCSPResponse and write it to the outputstream

How the data is passed from the first to the second inputstream, depends on the implememtation of the DataPipe, given in the input. This may have impact on streaming large messages.

Parameters:: data - sealed data stream; verifiedData - stream to write sealed data after processing; pipe - used to store the incoming data while loading the signed info of the cms message and to retrieve a stream to update the cms message with revocation information; signers - - credential(s) of expected signer
Returns:: result of verification

stamp

CryptoResult<UnsealedData> stamp(byte[] data,
                                 byte[] timestamp)

Puts a timestamp on sealed data to prove that it existed in that state on a certain moment in time. The updated sealed message will be available in the result object.

Parameters:: data - sealed data; timestamp - timestamp on signature of sealed data
Returns:: status of operation and on success, the sealed data with embedded timestamp

stamp

CryptoResult<UnsealedData> stamp(java.io.InputStream data,
                                 java.io.OutputStream stampedData,
                                 byte[] timestamp)

Puts a timestamp on sealed data to prove that it existed in that state on a certain moment in time.
Caution
The updated sealed message will be written into the given outputstream. To add a timestamp to an allready sealed message as an unsigned attribute, the sealed inputstream must be read twice:

Once to load the SignerInfo of the message
Once as input to update the SignerInfo of the message with the given timestamp and write it to the outputstream

This method uses an in memory dataPipe to pass the information from the first to the second inputstream.

Parameters:: data - sealed data; stampedData - on success, the sealed data with embedded timestamp; timestamp - timestamp on signature of sealed data
Returns:: status of operation

stamp

CryptoResult<UnsealedData> stamp(java.io.InputStream data,
                                 java.io.OutputStream stampedData,
                                 byte[] timestamp,
                                 DataPipe pipe)

Puts a timestamp on sealed data to prove that it existed in that state on a certain moment in time.

The updated sealed message will be written into the given outputstream. Caution
To add a timestamp to an allready sealed message as an unsigned attribute, the sealed inputstream must be read twice:

Once to load the SignerInfo of the message
Once as input to update the SignerInfo of the message with the given timestamp and write it to the outputstream

How the data is passed from the first to the second inputstream, depends on the implememtation of the DataPipe, given in the input.

Parameters:: data - sealed data; stampedData - on success, the sealed data with embedded timestamp; timestamp - timestamp on signature of sealed data; pipe - used to store the incoming data while loading the signed info of the cms message and to retrieve a stream to update the cms message with a timestamp
Returns:: status of operation

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

be.fgov.ehealth.etee.crypto.decrypt Interface DataSealChecker

validate

validate

validate

validate

validate

validate

stamp

stamp

stamp

be.fgov.ehealth.etee.crypto.decrypt
Interface DataSealChecker