java.lang.Object
  org.objectweb.proactive.ext.security.ProActiveSecurityManager
The ProActiveSecurityManager handles all security-related actions for a given SecurityEntity.
Field Summary | |
protected byte[] |
encodedKeyStore
|
protected java.security.KeyStore |
keyStore
|
protected UniversalBody |
myBody
|
protected SecurityEntity |
parent
|
protected PolicyServer |
policyServer
|
protected RandomLongGenerator |
randomLongGenerator
|
protected java.util.Hashtable |
sessions
|
protected int |
type
|
protected java.lang.String |
VNName
|
Constructor Summary | |
ProActiveSecurityManager()
This is the default constructor to use with the ProActiveSecurityManager |
|
ProActiveSecurityManager(java.security.KeyStore keyStore,
PolicyServer policyServer)
|
|
ProActiveSecurityManager(PolicyServer server)
|
|
ProActiveSecurityManager(java.lang.String file)
|
Method Summary | |
byte[] |
decrypt(long sessionID,
byte[][] message,
int type)
Method decrypt. |
static java.lang.String |
displayByte(byte[] tab)
|
byte[][] |
encrypt(long sessionID,
java.lang.Object object,
int type)
Method encrypt. |
protected void |
generateEntityCertificate(java.lang.String siblingName)
|
ProActiveSecurityManager |
generateSiblingCertificate(java.lang.String siblingName)
|
java.security.cert.X509Certificate |
getCertificate()
entity certificate |
byte[] |
getCertificateEncoded()
This method returns the entity certificate as byte array. |
java.util.ArrayList |
getEntities()
Retrieves the IDs of all the entities that contain this entity, plus this entity's own ID. |
java.security.cert.X509Certificate[] |
getMyCertificateChain()
|
java.util.Hashtable |
getOpenedConnexion()
|
SecurityEntity |
getParent()
|
SecurityContext |
getPolicy(SecurityContext securityContext)
Method getPolicyTo. |
PolicyServer |
getPolicyServer()
|
Communication |
getPolicyTo(java.lang.String type,
java.lang.String from,
java.lang.String to)
Method getPolicyTo. |
protected java.security.PrivateKey |
getPrivateKey()
|
ProActiveSecurityManager |
getProActiveSecurityManager()
|
java.security.PublicKey |
getPublicKey()
Method getPublicKey. |
Session |
getSession(long id)
|
long |
getSessionIDTo(java.security.cert.X509Certificate cert)
|
java.lang.String |
getVNName()
|
void |
initiateSession(int type,
SecurityEntity distantSecurityEntity)
Method initiateSession. |
ConfidentialityTicket |
keyNegociationReceiverSide(ConfidentialityTicket confidentialityTicket,
long randomID)
|
boolean |
keyNegociationSenderSide(SecurityEntity distantSecurityEntity,
long sessionID)
Method keyNegociationSenderSide. Starts the challenge to negotiate a session key. |
AuthenticationTicket |
mutualAuthenticationReceiverSide(AuthenticationTicket authenticationTicket,
long randomID)
|
boolean |
mutualAuthenticationSenderSide(UniversalBody distantBody,
java.security.cert.X509Certificate distantBodyCertificate)
|
byte[][] |
publicKeyExchange(long sessionID,
byte[] pub_key,
byte[] cert,
byte[] signature)
Exchanges the entity certificate and/or the public key if certificates are not available |
byte[] |
randomValue(long sessionID,
byte[] clientRandomValue)
Exchange random value between client and server entity |
byte[][] |
secretKeyExchange(long sessionID,
byte[] aesKey,
byte[] iv,
byte[] macKey,
byte[] lockData,
byte[] signatur)
Method secretKeyExchange. exchange secret between objects |
void |
setBody(UniversalBody body)
|
void |
setParent(SecurityEntity parent)
|
void |
setPolicyServer(PolicyServer policyServer)
Set entity policy server |
void |
setVNName(java.lang.String string)
Sets the name of the current virtual node |
long |
startNewSession(Communication communicationPolicy)
start an unvalidated empty session |
void |
terminateSession(long sessionID)
terminate a given session |
void |
terminateSession(UniversalBody body,
long sessionID)
|
AuthenticationTicket |
unilateralAuthenticationReceiverSide(long randomID,
long rb,
java.lang.String emittor)
|
boolean |
unilateralAuthenticationSenderSide(UniversalBody distantBody)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
protected java.util.Hashtable sessions
protected transient RandomLongGenerator randomLongGenerator
protected PolicyServer policyServer
protected java.security.KeyStore keyStore
protected transient UniversalBody myBody
protected java.lang.String VNName
protected SecurityEntity parent
protected byte[] encodedKeyStore
protected int type
Constructor Detail |
public ProActiveSecurityManager()
public ProActiveSecurityManager(java.lang.String file) throws java.io.IOException, InvalidPolicyFile
public ProActiveSecurityManager(PolicyServer server)
server
-
public ProActiveSecurityManager(java.security.KeyStore keyStore, PolicyServer policyServer)
keyStore
-
policyServer
-
Method Detail |
public void setBody(UniversalBody body)
public SecurityContext getPolicy(SecurityContext securityContext) throws SecurityNotAvailableException
getPolicy
in interface SecurityEntity
securityContext
- the object certificate we want to get the policy from
SecurityNotAvailableException
- thrown if the entity does not support security
public Communication getPolicyTo(java.lang.String type, java.lang.String from, java.lang.String to) throws SecurityNotAvailableException
SecurityNotAvailableException
public void initiateSession(int type, SecurityEntity distantSecurityEntity) throws CommunicationForbiddenException, AuthenticationException, RenegotiateSessionException, SecurityNotAvailableException
distantSecurityEntity
-
CommunicationForbiddenException
AuthenticationException
RenegotiateSessionException
SecurityNotAvailableException
public java.security.cert.X509Certificate getCertificate()
SecurityEntity
getCertificate
in interface SecurityEntity
public void terminateSession(UniversalBody body, long sessionID)
public void terminateSession(long sessionID)
SecurityEntity
terminateSession
in interface SecurityEntity
sessionID
-
public long startNewSession(Communication communicationPolicy)
SecurityEntity
startNewSession
in interface SecurityEntity
communicationPolicy
-
public byte[][] encrypt(long sessionID, java.lang.Object object, int type) throws RenegotiateSessionException
sessionID
- the session we use to encrypt the object
object
- the object to encrypt
RenegotiateSessionException
public byte[] decrypt(long sessionID, byte[][] message, int type) throws RenegotiateSessionException
sessionID
- the session we use to decrypt the message
message
- the message to decrypt
RenegotiateSessionException
public boolean mutualAuthenticationSenderSide(UniversalBody distantBody, java.security.cert.X509Certificate distantBodyCertificate) throws AuthenticationException
AuthenticationException
public boolean unilateralAuthenticationSenderSide(UniversalBody distantBody) throws AuthenticationException
AuthenticationException
public boolean keyNegociationSenderSide(SecurityEntity distantSecurityEntity, long sessionID) throws KeyExchangeException
distantSecurityEntity
- the distant active object we want to communicate with
sessionID
- the id of the session we will use
KeyExchangeException
protected java.security.PrivateKey getPrivateKey()
public AuthenticationTicket mutualAuthenticationReceiverSide(AuthenticationTicket authenticationTicket, long randomID) throws AuthenticationException
AuthenticationException
public AuthenticationTicket unilateralAuthenticationReceiverSide(long randomID, long rb, java.lang.String emittor) throws AuthenticationException
AuthenticationException
public ConfidentialityTicket keyNegociationReceiverSide(ConfidentialityTicket confidentialityTicket, long randomID) throws KeyExchangeException
KeyExchangeException
public byte[] randomValue(long sessionID, byte[] clientRandomValue) throws SecurityNotAvailableException, RenegotiateSessionException
SecurityEntity
randomValue
in interface SecurityEntity
sessionID
- the session ID
clientRandomValue
- client random value
RenegotiateSessionException
- if the session has expired
SecurityNotAvailableException
- if the security is not available
public byte[][] publicKeyExchange(long sessionID, byte[] pub_key, byte[] cert, byte[] signature) throws SecurityNotAvailableException, RenegotiateSessionException, KeyExchangeException
SecurityEntity
publicKeyExchange
in interface SecurityEntity
sessionID
- the session ID
pub_key
- encoded public key
cert
- encoded certificate
signature
- encoded signature of the previous parameters
SecurityNotAvailableException
- if the security is not available
KeyExchangeException
- if a key data/length/algorithm is not supported
RenegotiateSessionException
- if the session has expired
public static java.lang.String displayByte(byte[] tab)
public byte[][] secretKeyExchange(long sessionID, byte[] aesKey, byte[] iv, byte[] macKey, byte[] lockData, byte[] signatur)
secretKeyExchange
in interface SecurityEntity
sessionID
- the session
aesKey
- the AES secret key
iv
-
macKey
- the MAC key
lockData
-
signatur
- signature of aesKey, iv, macKey and lockData
public long getSessionIDTo(java.security.cert.X509Certificate cert)
public java.security.PublicKey getPublicKey()
getPublicKey
in interface SecurityEntity
public java.util.Hashtable getOpenedConnexion()
public void setVNName(java.lang.String string)
string
- the name of the current Virtual Node, if any
public java.lang.String getVNName()
public PolicyServer getPolicyServer()
public byte[] getCertificateEncoded()
getCertificateEncoded
in interface SecurityEntity
public void setPolicyServer(PolicyServer policyServer)
policyServer
-
public java.util.ArrayList getEntities()
SecurityEntity
getEntities
in interface SecurityEntity
public Session getSession(long id)
public java.security.cert.X509Certificate[] getMyCertificateChain()
public SecurityEntity getParent()
public void setParent(SecurityEntity parent)
public ProActiveSecurityManager generateSiblingCertificate(java.lang.String siblingName)
protected void generateEntityCertificate(java.lang.String siblingName)
public ProActiveSecurityManager getProActiveSecurityManager()