XMessageAbstractType (XKMS Documentation)

Overview

Package

Class

Tree

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

iaik.xkms
Interface XMessageAbstractType

All Known Subinterfaces:: CompoundRequest, CompoundResult, LocateRequest, LocateResult, PendingRequest, RecoverRequest, RecoverResult, RegisterRequest, RegisterResult, ReissueRequest, ReissueResult, Result, RevokeRequest, RevokeResult, StatusRequest, StatusResult, ValidateRequest, ValidateResult, XKISSRequest, XKRSSRequest, XKRSSResult, XRequestAbstractType, XResultType

public interface XMessageAbstractType

Abstract base type from which all XKMS messages are derived.

[86] The MessageAbstractType abstract type is the type from which all XKMS message element types are derived. The MessageAbstractType abstract type contains the following element and attributes:

<ds:Signature> [Optional]
An XML Signature in enveloped mode. The scope of the signature is the entire request message (i.e. the element derived from MessageAbstractType) and is specified using a reference to the 'Id' attribute specified in the MessageAbstractType abstract type.

<MessageExtension> [Any Number]
An extension element derived from the MessageExtensionAbstractType.

<OpaqueClientData> [Optional]
A collection of data specified by the client that is opaque to the service. An XKMS service SHOULD return the value of the <OpaqueClientData> element unmodified in a request in a response with status code 'Success'.

Id [Required]
A unique identifier generated by the originator.

Service [Required]
The URI of the Web Service port to which the request is addressed.

Nonce [Optional]
Cryptographically random data used to defend against replay attack.

Element <ds:Signature>
[88] An XML Signature in enveloped mode. The scope of the signature is the entire request message (i.e. the element derived from MessageAbstractType) and is specified using a reference to the 'Id' attribute specified in the MessageAbstractType abstract type. The empty identifier "" MUST NOT be used.

[89] Validation of XML Signatures MUST be done independent of any ancestral XML context of the message.
This may be achieved by:
-- Isolating the XKMS message from any 'wrapper' (eg. SOAP) before validation, or;
-- Specifying a canonicalization algorithm, such as Exclusive XML Canonicalization, in <SignedInfo>:<CanonicalizationMethod> to exclude ancestral XML context during the validation of the message.

[90] For interoperability purposes XKMS implementations MUST support the use of Exclusive XML Canonicalization.

[91] The <ds:Signature> element is specified in the XML Signature specification.

Element <MessageExtension>
[92] The <MessageExtension> element is an abstract element of the abstract type MessageExtensionAbstractType. Implementations may define subclasses of the MessageExtensionAbstractType to define message extension elements that may be applied to any XKMS message.

Element <OpaqueClientData>
[94] The <OpaqueClientData> contains data specified by the client that is opaque to the service. An XKMS service SHOULD return the value of an <OpaqueClientData> element, including its children, specified in a request unmodified in the corresponding response.

[95] A client MAY use Opaque client data in conjunction with asynchronous request processing to match a response to the original request context. Opaque client data MAY also be used in conjunction with synchronous request processing to provide context information for purposes such as audit trail reconciliation.

[364] Clients SHOULD NOT send confidential or privacy sensitive data to an XKMS Service as Opaque Data unless it is encrypted such that it is not disclosed to the service.

Method Summary
`void`	`addDefaults(XKMSContext ctx)` Add default values to message.
`void`	`addOpaqueClientData(byte[] data)` Adds a byte array to the `OpaqueClientData` of this message.
`void`	`clearOpaqueClientData()` Clears the content of `OpaqueClientData` of this message.
`NCName`	`getId()` Gets the Id of this message.
`String`	`getMessageName()` Gets plain text name of message.
`byte[]`	`getNonce()` Returns the `Nonce` of this message.
`List<byte[]>`	`getOpaqueClientData()` Gets all byte arrays in `OpaqueClientData` of this message.
`byte[]`	`getRequestSignatureValue()` Gets the `RequestSignatureValue`.
`String`	`getService()` Returns the `Service` URI of this message.
`X509Certificate`	`getSignatureCertificate()` Gets certificate of message signature.
`boolean`	`hasSignature()` Checks whether this message contains a signature.
`boolean`	`isValid()` Checks whether this object is in a consistent state.
`void`	`setId(NCName id)` Sets the `Id` of this message to the given `NCName`.
`void`	`setNonce(byte[] indata)` Sets the `Nonce` of this message to the given value.
`void`	`setService(String serviceURI)` Sets the `Service` URI of this message.
`void`	`setSignature(Key privatekey, X509Certificate cert)` Set credentials for whole message signature.
`String`	`toString()` OBSOLETE

Method Detail

setSignature

void setSignature(Key privatekey,
                  X509Certificate cert)

Set credentials for whole message signature.

Parameters:: privatekey - the private key to be used for signing; cert - the matching certificate to be used for signing

hasSignature

boolean hasSignature()

Checks whether this message contains a signature.

Returns:: true if this message is signed, false otherwise

getSignatureCertificate

X509Certificate getSignatureCertificate()

Gets certificate of message signature.

Returns:: certificate of the message signature if a signature is present and includes a certificate, null otherwise.

getRequestSignatureValue

byte[] getRequestSignatureValue()

Gets the RequestSignatureValue.

Returns:: the RequestSignatureValue

addOpaqueClientData

void addOpaqueClientData(byte[] data)

Adds a byte array to the OpaqueClientData of this message.

Parameters:: data - the data to add

getOpaqueClientData

List<byte[]> getOpaqueClientData()

Gets all byte arrays in OpaqueClientData of this message.

Returns:: List<byte[]> of all byte arrays in the OpaqueClientData

clearOpaqueClientData

void clearOpaqueClientData()

Clears the content of OpaqueClientData of this message.

setId

void setId(NCName id)

Sets the Id of this message to the given NCName.

Parameters:: id - new value for Id.

getId

NCName getId()

Gets the Id of this message.

Returns:: Id of this message

setService

void setService(String serviceURI)
                throws XKMSException

Sets the Service URI of this message.

Parameters:: serviceURI - value to set
Throws:: XKMSException - if the supplied value is not an URI

getService

String getService()

Returns the Service URI of this message.

Returns:: the Service URI

setNonce

void setNonce(byte[] indata)

Sets the Nonce of this message to the given value.

Parameters:: indata - new nonce value

getNonce

byte[] getNonce()

Returns the Nonce of this message.

Returns:: value of the nonce of this message

addDefaults

void addDefaults(XKMSContext ctx)

Add default values to message. Id is set to a random value.
Service URI is set to default value, if set in context.
Message default private key and certificate are added, if set in context.

isValid

boolean isValid()

Checks whether this object is in a consistent state. Meaning, that it can be marshalled without violating the XKMS schema and the values set appear reasonable according to the XKMS specification assertions.

Returns:: true if this object is in a conistent state, false otherwise

getMessageName

String getMessageName()

Gets plain text name of message.

Returns:: human reable description of message type (e.g. "LocateRequest").

toString

String toString()

OBSOLETE

Overrides:: toString in class Object