iaik.xkms
Interface XKeyBindingAbstractType

All Known Subinterfaces:
KeyBinding, PrototypeKeyBinding, QueryKeyBinding, RecoverKeyBinding, ReissueKeyBinding, RevokeKeyBinding, UnverifiedKeyBinding

public interface XKeyBindingAbstractType

Abstract base type from which all XKMS key bindings are derived.

[169] A key binding asserts a binding between data elements that relate to a public key including the <ds:KeyName>, <ds:KeyValue> and <ds:X509Data> components contained in a <ds:KeyInfo> element. Furthermore, the Service represents to the client accessing the service and to that client alone that the binding between the data elements is valid under whatever trust policy the service offers to that client.

[170] XKMS specifies four elements that specify key bindings, all of which are derived from the KeyBindingAbstractType. These elements are:
UnverifiedKeyBinding
Specifies the parameters of a particular instance of a key binding but not the status.
KeyBinding
Specifies the parameters of a particular instance of a key binding.
QueryKeyBinding
A template used to specify one or more key bindings using query by example.
PrototypeKeyBinding
A template used to specify the key binding parameters requested in a registration request.

[171] An XKMS service MAY provide an interface to an underlying PKI such as PKIX or PGP. This specification does not define how XKMS operations interact with the underlying PKI. The XKMS key binding MAY be bound to a data object such as a certificate or key signing in the underlying PKI such that XKMS operations on the key binding result in a corresponding change to the data structures in the underlying PKI and vice versa. If for example the XKMS service provides a mapping to an underlying PKIX/X.509 PKI the registration of a key binding would typically result in the issue of a certificate, even if the client does not ask for the certificate to be returned in the registration result. If the key binding were subsequently revoked the corresponding certificate in the underlying PKI would typically be revoked also.

[172] The KeyBindingAbstractType is the abstract type from which all XKMS key binding element specifiers are derived. It contains the following elements and attribute:
Id [Optional]
Identifier of the key binding.
<ds:KeyInfo> [Optional]
The public key information to which the key binding information is bound.
<KeyUsage> [0 to 3]
The cryptographic key uses for which the key may be used.
<UseKeyWith> [Any Number]
The applications with which the key may be used together with the application specific subject identifier of the key holder for that application.

[173] The Id identifier is defined to provide a means by which the key binding may be signed using XML Signature. Clients MUST NOT rely on the key binding identifier being either unique or stable. In the case that an XKMS service is providing an interface to an underlying PKI, clients MUST NOT rely on the service choosing key binding identifiers that are either the same as or bear a systematic relationship to the serial numbers or other identifiers of the corresponding credentials in the underlying PKI.


Method Summary
 void addKeyUsage(KeyUsage keyUsage)
          Adds supplied KeyUsage to KeyBinding.
 void addUseKeyWith(String application, String identifier)
          Adds UseKeyWith of supplied application and identifier string.
 void addUseKeyWith(UseKeyWith useKeyWith)
          Adds UseKeyWith to this keybinding
 String getId()
          Gets Id.
 KeyInfo getKeyInfo()
          Gets KeyInfo of this KeyBinding.
 List<KeyUsage> getKeyUsage()
          Gets list of KeyUsages.
 List<UseKeyWith> getUseKeyWithList()
          Gets list of UseKeyWiths.
 int getUseKeyWithSize()
          Gets the number of UseKeyWith elements in current list.
 void removeKeyUsage(KeyUsage keyUsage)
          Removes supplied KeyUsage from KeyBinding.
 void setId(String id)
          Sets Id.
 void setKeyInfo(KeyInfo keyinfo)
          Sets KeyInfo of this KeyBinding.
 

Method Detail

setKeyInfo

void setKeyInfo(KeyInfo keyinfo)
Sets KeyInfo of this KeyBinding.

Parameters:
keyinfo - supplied KeyInfo

getKeyInfo

KeyInfo getKeyInfo()
Gets KeyInfo of this KeyBinding.

Returns:
current KeyInfo of this KeyBinding.

addKeyUsage

void addKeyUsage(KeyUsage keyUsage)
Adds supplied KeyUsage to KeyBinding.

Parameters:
keyUsage - KeyUsage to add

removeKeyUsage

void removeKeyUsage(KeyUsage keyUsage)
Removes supplied KeyUsage from KeyBinding.

Parameters:
keyUsage - KeyUsage to remove

getKeyUsage

List<KeyUsage> getKeyUsage()
Gets list of KeyUsages.

This method returns a copy of the internal list.

Returns:
a copy of the internal list of key usages.

addUseKeyWith

void addUseKeyWith(String application,
                   String identifier)
                   throws XKMSException
Adds UseKeyWith of supplied application and identifier string.

Parameters:
application - application String to use, must be URI
identifier - identifier String to use
Throws:
XKMSException - if application String is not an URI

addUseKeyWith

void addUseKeyWith(UseKeyWith useKeyWith)
                   throws XKMSException
Adds UseKeyWith to this keybinding

Parameters:
useKeyWith - UseKeyWith which should be added
Throws:
XKMSException - if the application component is not an URI

getUseKeyWithList

List<UseKeyWith> getUseKeyWithList()
Gets list of UseKeyWiths.

This method returns a copy of the internal list.

Returns:
a copy of the internal list of use key withs.

getUseKeyWithSize

int getUseKeyWithSize()
Gets the number of UseKeyWith elements in current list.

Returns:
number of UseKeyWith elements in current list

setId

void setId(String id)
Sets Id.

Parameters:
id - new 'Id' value

getId

String getId()
Gets Id.

Returns:
'Id' value.