org.avis.security
Class KeyScheme

java.lang.Object
  extended by org.avis.security.KeyScheme
Direct Known Subclasses:
DualKeyScheme, SingleKeyScheme

public abstract class KeyScheme
extends Object

An enumeration of supported Elvin security schemes. A key scheme defines a mode of sending or receiving notifications securely.

The Producer Scheme

In the producer scheme, consumers of notifications ensure that a notification producer is known to them. The producer uses the private key, and consumers use the public key. If the producer keeps its private key secure, consumers can be assured they are receiving notifications from a trusted producer.

The Consumer Scheme

In the consumer scheme, producers of notifications ensure that a notification consumer is known to them, i.e. the producer controls who can receive its notifications. In this scheme -- the reverse of the producer scheme -- the consumer uses the private key, and producers use the public key. If the consumer keeps its private key secure, then the producer can be assured that only the trusted consumer can receive its notifications.

The Dual Scheme

The dual scheme combines both the producer and consumer schemes, so that both ends can send and receive securely. Typically both ends exchange public keys, and each end then emits notifications with both its private key and the public key(s) of its intended consumer(s) attached. Similarly, each end would subscribe using its private key and the public key(s) of its intended producer(s).

Avis Key Scheme API

The Elvin Producer and Consumer schemes both use a single set of keys, whereas the Dual scheme requires both a consumer key set and a producer key set. The schemes that require a single set of keys are defined by an instance of SingleKeyScheme; the Dual scheme is defined by an instance of DualKeyScheme.

Each key scheme also defines a secure hash for generating its public keys: see the documentation on security keys for more information on public and private keys used in key schemes.

Supported Schemes

Avis currently supports just the SHA-1 secure hash as defined in version 4.0 of the Elvin protocol. As such, three schemes are available: SHA1-Consumer, SHA1-Producer and SHA1-Dual.
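
The producer, consumer and dual checks described above, as an added Java sketch that is not Avis code and uses only JDK classes. It assumes a matcher that hashes the presented private key with SHA-1 and compares the result with the public keys supplied by the other end; the names KeySchemeSketch, matches and dualMatches and the sample keys are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.List;

// Added illustration, JDK classes only; every name here is hypothetical, not Avis code.
public class KeySchemeSketch {

  // Public (prime) key = SHA-1 hash of the private (raw) key.
  static byte[] publicKeyFor(byte[] privateKey) {
    try {
      return MessageDigest.getInstance("SHA-1").digest(privateKey);
    } catch (NoSuchAlgorithmException e) {
      throw new IllegalStateException(e); // every Java platform must provide SHA-1
    }
  }

  // Assumed matching rule: hash the presented private key and look for the
  // result among the public keys supplied by the other end.
  static boolean matches(byte[] privateKey, List<byte[]> publicKeys) {
    byte[] derived = publicKeyFor(privateKey);
    boolean found = false;
    for (byte[] candidate : publicKeys) {
      found |= MessageDigest.isEqual(derived, candidate); // no early exit
    }
    return found;
  }

  // Dual scheme: the producer check and the consumer check must both pass.
  static boolean dualMatches(byte[] producerPrivate, List<byte[]> trustedProducers,
                             byte[] consumerPrivate, List<byte[]> allowedConsumers) {
    return matches(producerPrivate, trustedProducers)
        & matches(consumerPrivate, allowedConsumers);
  }

  public static void main(String[] args) {
    // Constructed sample keys.
    byte[] producer = "constructed-producer-secret".getBytes(StandardCharsets.UTF_8);
    byte[] consumer = "constructed-consumer-secret".getBytes(StandardCharsets.UTF_8);
    byte[] outsider = "constructed-outsider-secret".getBytes(StandardCharsets.UTF_8);
    List<byte[]> trusted = List.of(publicKeyFor(producer)); // held by the consumer
    List<byte[]> allowed = List.of(publicKeyFor(consumer)); // held by the producer
    System.out.println("producer scheme, known producer: " + matches(producer, trusted));
    System.out.println("producer scheme, outsider: " + matches(outsider, trusted));
    System.out.println("consumer scheme, outsider: " + matches(outsider, allowed));
    System.out.println("dual, both known: " + dualMatches(producer, trusted, consumer, allowed));
    System.out.println("dual, outsider: " + dualMatches(producer, trusted, outsider, allowed));
  }
}
```

An outsider who holds only a public key cannot pass either check without finding a SHA-1 preimage of it.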

Author:
Matthew Phillips

Field Summary
 boolean consumer
          True if this scheme is a consumer scheme.
 int id
          The unique ID of the scheme.
 SecureHash keyHash
          The secure hash used in this scheme.
 String name
          The unique, human-readable name of this scheme.
 boolean producer
          True if this scheme is a producer scheme.
static SingleKeyScheme SHA1_CONSUMER
          The SHA-1 Consumer key scheme.
static DualKeyScheme SHA1_DUAL
          The SHA-1 Dual key scheme.
static SingleKeyScheme SHA1_PRODUCER
          The SHA-1 Producer key scheme.
 
Method Summary
 boolean equals(Object object)
           
 int hashCode()
           
 boolean isDual()
          True if the scheme requires dual key sets.
 Key publicKeyFor(Key privateKey)
          Create the public (aka prime) key for a given private (aka raw) key using this scheme's hash.
static KeyScheme schemeFor(int id)
          Look up the scheme for a given ID.
static Set<KeyScheme> schemes()
          The set of all supported schemes.
 String toString()
           
 
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

SHA1_DUAL

public static final DualKeyScheme SHA1_DUAL
The SHA-1 Dual key scheme.


SHA1_PRODUCER

public static final SingleKeyScheme SHA1_PRODUCER
The SHA-1 Producer key scheme.


SHA1_CONSUMER

public static final SingleKeyScheme SHA1_CONSUMER
The SHA-1 Consumer key scheme.


id

public final int id
The unique ID of the scheme. This is the same as the on-the-wire ID used by Elvin.


producer

public final boolean producer
True if this scheme is a producer scheme.


consumer

public final boolean consumer
True if this scheme is a consumer scheme.


keyHash

public final SecureHash keyHash
The secure hash used in this scheme.


name

public final String name
The unique, human-readable name of this scheme.

Method Detail

isDual

public boolean isDual()
True if the scheme requires dual key sets.


publicKeyFor

public Key publicKeyFor(Key privateKey)
Create the public (aka prime) key for a given private (aka raw) key using this scheme's hash.


equals

public boolean equals(Object object)
Overrides:
equals in class Object

hashCode

public int hashCode()
Overrides:
hashCode in class Object

toString

public String toString()
Overrides:
toString in class Object

schemeFor

public static KeyScheme schemeFor(int id)
                           throws IllegalArgumentException
Look up the scheme for a given ID.

Throws:
IllegalArgumentException - if id is not a known scheme ID.

schemes

public static Set<KeyScheme> schemes()
The set of all supported schemes.



Copyright © 2008 Matthew Phillips. All Rights Reserved.