com.lacunasoftware.restpki

Class DetachedResourceXmlSignatureStarter

java.lang.Object

com.lacunasoftware.restpki.SignatureStarter

com.lacunasoftware.restpki.XmlSignatureStarter

com.lacunasoftware.restpki.DetachedResourceXmlSignatureStarter

public class DetachedResourceXmlSignatureStarter
extends XmlSignatureStarter

Class used to perform the first of the two steps required to perform a XML detached resource signature.

Note on confidentiality: the XML for the signature and the resource content are stored on the server between the first and second steps, but never unencrypted. The content is encrypted using AES-128 and the key is not stored on the server, it is instead mixed into the token that is returned and which is necessary on the second step. In other words, the server stores the XML and the resource content but is unable to read it on its own, therefore the XML contents cannot be compromised, even in the event of a complete data leakage.

Field Summary

Fields inherited from class com.lacunasoftware.restpki.XmlSignatureStarter

signatureElementId, signatureElementLocation, xml

Fields inherited from class com.lacunasoftware.restpki.SignatureStarter

callbackArgument, certificate, certificateInfo, client, done, securityContextId, signaturePolicyId

Constructor Summary

Constructors

Constructor and Description
DetachedResourceXmlSignatureStarter(RestPkiClient client) Create a new instance using the given RestPkiClient.

Method Summary

Modifier and Type	Method and Description
void	SetToSignDetachedResource(byte[] resourceContent, java.lang.String resourceUri) Sets the detached resource to be signed
void	SetToSignDetachedResource(java.nio.file.Path resourcePath, java.lang.String resourceUri) Sets the detached resource to be signed
void	SetToSignDetachedResource(java.lang.String resourcePath, java.lang.String resourceUri) Sets the detached resource to be signed
ClientSideSignatureInstructions	start() Performs the first step, should be called after setting the necessary parameters.
java.lang.String	startWithWebPki() Performs the first step, should be called after setting the necessary parameters.

Methods inherited from class com.lacunasoftware.restpki.XmlSignatureStarter

setSignatureElementId, setSignatureElementLocation, setXml, setXml, setXml, setXml

Methods inherited from class com.lacunasoftware.restpki.SignatureStarter

getCertificateInfo, setCallbackArgument, setSecurityContext, setSignaturePolicy, setSignerCertificate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DetachedResourceXmlSignatureStarter

public DetachedResourceXmlSignatureStarter(RestPkiClient client)

Create a new instance using the given RestPkiClient.

Parameters:

client - the RestPkiClient which shall be used.

Method Detail

SetToSignDetachedResource

public void SetToSignDetachedResource(byte[] resourceContent,
                                      java.lang.String resourceUri)

Sets the detached resource to be signed

Parameters:

resourceContent - The resource bytes

resourceUri - The resource URI

SetToSignDetachedResource

public void SetToSignDetachedResource(java.lang.String resourcePath,
                                      java.lang.String resourceUri)
                               throws java.io.IOException

Sets the detached resource to be signed

Parameters:

resourcePath - The resource path

resourceUri - The resource URI

Throws:

java.io.IOException

SetToSignDetachedResource

public void SetToSignDetachedResource(java.nio.file.Path resourcePath,
                                      java.lang.String resourceUri)
                               throws java.io.IOException

Sets the detached resource to be signed

Parameters:

resourcePath - The resource path

resourceUri - The resource URI

Throws:

java.io.IOException

start

public ClientSideSignatureInstructions start()
                                      throws RestException

Performs the first step, should be called after setting the necessary parameters. If you intend to use the Web PKI component on the client-side, use the startWithRestPki() method instead.

Specified by:

start in class SignatureStarter

Returns:

An instance of ClientSideSignatureInstructions with the information necessary to perform the client-side signature and later call the server back with the results.

Throws:

RestException - if an error occurs when calling REST PKI

startWithWebPki

public java.lang.String startWithWebPki()
                                 throws RestException

Performs the first step, should be called after setting the necessary parameters. This method should be used if the Web PKI component is being used on the client-side.

Specified by:

startWithWebPki in class SignatureStarter

Returns:

The token that should be passed on the signWithRestPki method of the Web PKI component (on the client-side logic).

Throws:

RestException - if an error occurs when calling REST PKI