Package com.icodici.crypto

Class Capsule

java.lang.Object

com.icodici.crypto.Capsule

public class Capsule
extends java.lang.Object

The capsule is a main safe container, safe box to store and transmit content over the attesta network and components.

It consists of two arbitrary container, public one and private one. Private one could be acceed only by the parties having in disposal corresponding key. Private data are encrypted and signed using most secure EtA algorythm. For private part either public keys or symmetric keys are allowed in any combination and quantity.

Public part id available to anybody and is, normally signed or sealed. Siging and sealing is done only with private keys. Sealed capsule has signers key mentioned in the signed part, so it is impossible to add seal later unless it was intended by adding public keys is already mentioned in the public data.

Regular signatures can be added later to the capsule, with own timestamp. These have less significance than seals, though.

Capsule are encoded with bit-efficient binary typed format Boss and are transfered as packed binary paks.

Created by sergeych on 15.12.16.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
class	Capsule.BadSignatureException
class	Capsule.DecryptionFailedException
class	Capsule.FormatException
static interface	Capsule.KeySource

Constructor Summary

Constructors

Constructor	Description
Capsule()
Capsule(byte[] packed, Capsule.KeySource keySource)
Capsule(byte[] packed, Capsule.KeySource keySource, boolean allowPartiallySigned, boolean allowOnlyPublic)
Capsule(java.lang.String password, byte[] packed)	Try to decrypt the capsule with password.

Method Summary

Modifier and Type	Method	Description
void	addKeys(AbstractKey... keys)
void	addKeys(java.util.Collection<AbstractKey> keys)
java.lang.String	addSigner(AbstractKey key, net.sergeych.tools.Binder signerData)	Add single signer key with associated data.
void	addSigners(AbstractKey... keys)
void	addSigners(java.util.Collection<AbstractKey> signers)
void	clearKeys()
void	clearSigners()
boolean	decryptionFailed()
boolean	equals(java.lang.Object obj)
net.sergeych.tools.Binder	getPrivateData()
net.sergeych.tools.Binder	getPublicData()
net.sergeych.tools.Binder	getSignerData(AbstractKey key)	Retreive extra information of the signer.
net.sergeych.tools.Binder	getSignerData(java.lang.String signerKeyId)
java.util.Map<java.lang.String,net.sergeych.tools.Binder>	getSigners()
java.util.Collection<AbstractKey>	getSigningKeys()
boolean	isPartiallySigned()
boolean	isSigned()	Sets to true only after unpacking binary coffer which was signed - if it was signed properly.
Capsule	load(byte[] packedCoffer, Capsule.KeySource keySource, boolean allowPartiallySigned, boolean allowOnlyPublic)
byte[]	pack()
void	setPrivateData(java.lang.Object... keysAndValues)
void	setPrivateData(net.sergeych.tools.Binder privateData)
void	setPublicData(java.lang.Object... keysAndValues)
void	setPublicData(net.sergeych.tools.Binder publicData)
java.lang.String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

Capsule

public Capsule(java.lang.String password,
               byte[] packed)
        throws EncryptionError,
               Capsule.BadSignatureException

Try to decrypt the capsule with password. E.g. if the encrypted part contains any password- derived key information, the password will be used to try to derive the key. It is advisable to not to sign password capsules unless is really need, as AE used with tha password ensures the data are not modified after encryption.

Parameters:

password - to unencrypt the capsule

packed - ninary packed capsule

Throws:

EncryptionError - if it failed to decrypt

Capsule.BadSignatureException - if the signature present but the data is broken or tampered with.

Capsule

public Capsule()

Capsule

public Capsule(byte[] packed,
               Capsule.KeySource keySource)
        throws Capsule.BadSignatureException,
               java.io.IOException

Throws:

Capsule.BadSignatureException

java.io.IOException

Capsule

public Capsule(byte[] packed,
               Capsule.KeySource keySource,
               boolean allowPartiallySigned,
               boolean allowOnlyPublic)
        throws Capsule.BadSignatureException,
               java.io.IOException

Throws:

Capsule.BadSignatureException

java.io.IOException

Method Detail

isPartiallySigned

public boolean isPartiallySigned()

decryptionFailed

public boolean decryptionFailed()

setPrivateData

public void setPrivateData(java.lang.Object... keysAndValues)

isSigned

public boolean isSigned()

Sets to true only after unpacking binary coffer which was signed - if it was signed properly.

Returns:

true if the data is signed and can be trusted - if you trust at leat one of the signers.

getSigningKeys

public java.util.Collection<AbstractKey> getSigningKeys()

getSigners

public java.util.Map<java.lang.String,net.sergeych.tools.Binder> getSigners()

load

public Capsule load(byte[] packedCoffer,
                    Capsule.KeySource keySource,
                    boolean allowPartiallySigned,
                    boolean allowOnlyPublic)
             throws Capsule.BadSignatureException,
                    EncryptionError

Throws:

Capsule.BadSignatureException

EncryptionError

setPublicData

public void setPublicData(net.sergeych.tools.Binder publicData)

getPublicData

public net.sergeych.tools.Binder getPublicData()

setPrivateData

public void setPrivateData(net.sergeych.tools.Binder privateData)

getPrivateData

public net.sergeych.tools.Binder getPrivateData()

clearSigners

public void clearSigners()

addSigners

public void addSigners(java.util.Collection<AbstractKey> signers)

addSigners

public void addSigners(AbstractKey... keys)

addSigner

public java.lang.String addSigner(AbstractKey key,
                                  net.sergeych.tools.Binder signerData)

Add single signer key with associated data. Capsule format lets add any extra data to the signer key (e.g. role, restrictions and so on). Each signer receives an ID to refer which is returned.

Parameters:

key -

signerData -

Returns:

assigned ID of the signer

getSignerData

public net.sergeych.tools.Binder getSignerData(AbstractKey key)

Retreive extra information of the signer.

Parameters:

key -

Returns:

any extra data associated to the key. Empty Binder instance if there is no associated information

Throws:

java.lang.IllegalArgumentException - if key is not found

getSignerData

public net.sergeych.tools.Binder getSignerData(java.lang.String signerKeyId)

clearKeys

public void clearKeys()

addKeys

public void addKeys(java.util.Collection<AbstractKey> keys)

addKeys

public void addKeys(AbstractKey... keys)

pack

public byte[] pack()
            throws EncryptionError

Throws:

EncryptionError

setPublicData

public void setPublicData(java.lang.Object... keysAndValues)

equals

public boolean equals(java.lang.Object obj)

Overrides:

equals in class java.lang.Object

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object