All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class semper.statement.StatementMan

java.lang.Object
   |
   +----semper.statement.StatementMan

public class StatementMan
extends Object
implements ComPointConstants
Implements the manager for the statement block. The statement manager is responsible for secure transfer of information. The protection offered is: encryption (symmetric and asymmetric), message authenticaion code (MAC) and digital signatures. Conventional methods require that the two parties share a key. A key exchange functinality is provided by a module. This enables two parties to set up a session (by getting a StatementTransaction object). When setting up this object, security algoritms are negotiated and keys for conventional algorithms are exchanged. See here for more information about this block. the actual cryptographic functions are provided by the crypto manager.

Version:
$Revision: 1.55 $ $Date: 1998/08/04 11:16:15 $
Author:
Jesper Drud Nielsen (drud@cryptomathic.dk), Torben Pryds Pedersen (tpp@cryptomathic.dk)
See Also:
StatementManException, StatementTransaction, CryptoMan

Constructor Index

 o StatementMan()
The services of the statement manager are static.

Method Index

 o choose(Vector, ComPoint, Vector, String)
Based on the input a set of values received from another part is selected.
 o choose(Vector, Vector, String)
Based on the input, a set of values is selected.
 o init()
Initialises the StatementMan object.
 o isInitialised()
Tells whether StatementMan is initialised.
 o makeMessageListHead(SecurityService)
Produces a MessageListHead for the given security services To be used in negotition with peer.
 o openEncryptionSession(CertificateContext, CertificateContext, Vector, String)
Opens a statement session for encrypting or decrypting information.
 o openInitiatorStatementSession(ComPoint, boolean, CertificateContext, CertificateContext, Vector, String)
Constructs a StatementTransaction object corresponding to opening a session on the initiator side.
 o openInitiatorStatementSession(String, boolean, CertificateContext, CertificateContext, Vector, String)
Constructs a StatementTransaction object corresponding to opening a session on the initiator side.
 o openResponderStatementSession(ComPoint, boolean, CertificateContext, CertificateContext, Vector, String)
Constructs a StatementTransaction object corresponding to opening a session on the responder side.
 o openResponderStatementSession(String, boolean, CertificateContext, CertificateContext, Vector, String)
Constructs a StatementTransaction object corresponding to opening a session on the responder side.
 o openSession(CertificateContext, CertificateContext, Vector, String)
Opens a statement session.
 o openSignatureSession(CertificateContext, CertificateContext, Vector, String)
Opens a statement session for making or verifying signatures.
 o openStatementSession(boolean, ComPoint, boolean, CertificateContext, CertificateContext, Vector, String)
Opens a statement session this service provides everything needed by initiator as well as responder in order to create a context between the two parties (thus it is used by openInitiatorStatementSession & openResponderStatementSession).
 o proposeAlgorithms(SecurityService)
Makes a list of proposed algorithms for the requested service.
 o requestChoice(Vector, ComPoint, Vector, String)
Sends a list of proposed values to another party and gets back a vector of chosen values.
 o supportedAlgorithms(SecurityService)
Makes a list of supported algorithms for the requested service.
 o whichKeyExchanges()
Tell which methods for key exchange are supported.

Constructors

 o StatementMan
 public StatementMan() throws StatementManException
The services of the statement manager are static. To prevent errors the following method instantiation of objects of this class.

Throws: StatementManException
if this method is called

Methods

 o isInitialised
 public static boolean isInitialised()
Tells whether StatementMan is initialised. The StatementMan is initialised when StatementMan.init() has been executed succesfully

Returns:
true is StatementMan has been called, false otherwise.
 o init
 public static void init() throws StatementManException
Initialises the StatementMan object. This must be done before any other services (except isInitialised) are used. The initialisation uses several items from configuration. The item "semper.configuration.username" should contain user identification. If this is not supplied by the configuration init() reads the username from the system. The item "semper.statement.isServer" is read from Configuration. "0" means initialise the StatementMan for client use, "1" is for servers (a ServicePointThread is started). If the item is not present in Configuration, StatementMan is initialised for server use. Alternatively, one can set this option using "semper.statement.isLIstener". It has the same meaning, but at some point this name will be used for instead of "isServer". Thus it is recommended to set this configuration parameter using "isListener". If both are set, and they differ the value of "semper.statement.isListener" is used. Only one application on a machine can be initialised as a server. Several applications can run simultaneously on the same machine (e.g., as server and a client or several clients). Initialisation also builds the preferences needed for using the security services. Using these the user can select which cryptographic algorithms to use and which method to use for exchange of conventional keys. If a server is being initialised, init() starts up a Channel which clients can use for sending requests to the server. The port used by the server is read from WellKnownPorts. In coming versions init will also dynamically load the module preferred by the user. For the moment a default module supplied as part of SEMPER is used.

Throws: StatementManException
if the preferred Statement module could not be loaded
See Also:
Configuration, WellKnownPorts, Channel, StatementModule
 o proposeAlgorithms
 public static Vector proposeAlgorithms(SecurityService secService)
Makes a list of proposed algorithms for the requested service. Based on supported algorithms and user preferences, this service produces a list of suggested algorithms for the given security service.

Parameters:
secService - indicates the security service
Returns:
vector of proposed algorithms for the security service
 o makeMessageListHead
 public static MessageListHead makeMessageListHead(SecurityService secService)
Produces a MessageListHead for the given security services To be used in negotition with peer.

Parameters:
SecService - is teh SecurityService for which a MessageListHead is needed.
See Also:
proposeAlgorithms
 o supportedAlgorithms
 public static Vector supportedAlgorithms(SecurityService secService)
Makes a list of supported algorithms for the requested service.

Parameters:
secService - indicates the security service
Returns:
vector of supported algorithms for the requested security service
 o openStatementSession
 public static StatementTransaction openStatementSession(boolean server,
                                                         ComPoint cp,
                                                         boolean needSessionKey,
                                                         CertificateContext myContext,
                                                         CertificateContext yourContext,
                                                         Vector options,
                                                         String ext_ref) throws StatementManException, ComPointException, NegotiationException
Opens a statement session this service provides everything needed by initiator as well as responder in order to create a context between the two parties (thus it is used by openInitiatorStatementSession & openResponderStatementSession). First a ComPoint is opened between initiator and responder (this is done using the channel, which the server sets up as part of initialisation). A list of proposed algorithms (for the security services to be negotiated) is sent from the initiator to the responder. Similarly the responder makes a list of proposed algorithms. In the current version the responder compares the two lists and selects the first algorithm proposed by the initiator, which is also in his own list (in later version this negotiation will be refined to allow other procedures for this). The two parties can determine as part of input to this service for which security services, algorithms should be negotiated. If key exchange is requested, this service also exchange keys between the two parties using the method already negotiated. Finally this method creates a StatementTransaction object, which contains as part of its state the negotiated keys and certificats. It should be noted, that as part of setting up a session all certificates are verified.' The server must be ready to listen to the ComPoint, cp, when the client tries to communicate.

Parameters:
server - is a boolean indicating if the service is used by a server (may not be necessary)
cp - is the ComPoint that is used for communication with the peer. This
needSessionKeys - is a boolean, indicating if session keys should be exchanged
myContext - is my own CertificateContext
yourContext - is the CertificateContext of the other party
options - is a Vector with parameters needed to open a channel
ext_ref - external reference string sent by the peer
Returns:
An object corresponding to the session
Throws: StatementManException
if the transaction object could not be opened
Throws: ComPointException
in case of communication problems
Throws: NegotiationException
if the negotiation failed
See Also:
openInitiatorStatementSession, openResponderStatementSession, proposeAlgorithms
 o openSession
 public static StatementTransaction openSession(CertificateContext myContext,
                                                CertificateContext yourContext,
                                                Vector options,
                                                String ext_ref) throws StatementManException, NegotiationException
Opens a statement session. This service provides everything needed in order to create a non-interactive context for a party, when the peer party is already known A list of proposed algorithms is made and the first algorithm proposed is selected. The party can determine as part of input to this service for which security services, algorithms should be negotiated. Finally this method creates a StatementTransaction object, which contains as part of its state the non-interactively negotiated certificates and algorithms. It should be noted, that as part of setting up a session all certificates are verified.

Parameters:
myContext - is my own CertificateContext
yourContext - is the CertificateContext of the other party
options - is a Vector with parameters needed to open a channel
ext_ref - external reference string sent by the peer
Returns:
An object corresponding to the session
Throws: StatementManException
if the transaction object could not be opened
Throws: NegotiationException
if the negotiation failed
See Also:
proposeAlgorithms
 o openSignatureSession
 public static StatementTransaction openSignatureSession(CertificateContext myContext,
                                                         CertificateContext yourContext,
                                                         Vector options,
                                                         String ext_ref) throws StatementManException, NegotiationException
Opens a statement session for making or verifying signatures. A list of proposed algorithms is made and the first algorithm proposed is selected. The party can determine as part of input to this service the algorithms negotiated. Finally this method creates a StatementTransaction object, which contains as part of its state the negotiated certificate and algorithm. It should be noted, that as part of setting up a session the certificate is verified.

Parameters:
myContext - is my own CertificateContext. If the statement session is opened for verifying signatures, myContext is set to null.
yourContext - is the CertificateContext of the other party. If the statement session is opened for making signatures, yourContext is set to null.
options - is a Vector with parameters needed to open a channel
ext_ref - external reference string sent by the peer
Returns:
An object corresponding to the session
Throws: StatementManException
if the transaction object could not be opened
Throws: NegotiationException
if the negotiation failed
See Also:
proposeAlgorithms
 o openEncryptionSession
 public static StatementTransaction openEncryptionSession(CertificateContext myContext,
                                                          CertificateContext yourContext,
                                                          Vector options,
                                                          String ext_ref) throws StatementManException, NegotiationException
Opens a statement session for encrypting or decrypting information. A list of proposed algorithms is made and the first algorithm proposed is selected. The party can determine as part of input to this service the algorithms negotiated. Finally this method creates a StatementTransaction object, which contains as part of its state the negotiated certificate and algorithm. It should be noted, that as part of setting up a session the certificate is verified.

Parameters:
myContext - is my own CertificateContext. If the statement session is opened for encrypting information, myContext is set to null.
yourContext - is the CertificateContext of the other party. If the statement session is opened for decrypting information, yourContext is set to null.
options - is a Vector with parameters needed to open a channel
ext_ref - external reference string sent by the peer
Returns:
An object corresponding to the session
Throws: StatementManException
if the transaction object could not be opened
Throws: NegotiationException
if the negotiation failed
See Also:
proposeAlgorithms
 o openInitiatorStatementSession
 public static StatementTransaction openInitiatorStatementSession(String serverAddress,
                                                                  boolean needSessionKey,
                                                                  CertificateContext myContext,
                                                                  CertificateContext yourContext,
                                                                  Vector options,
                                                                  String ext_ref) throws StatementManException, ComPointException, NegotiationException
Constructs a StatementTransaction object corresponding to opening a session on the initiator side. Prior to calling this method the two parties involved should have negotiated certificate contexts. This method presumes that a responder (server) is willing to open a session. It uses openStatementSession, which negotiates algorithms and exchanges keys initiator and responder.

Parameters:
serverAddress - the address of the server (responder)
needSessionKeys - is a boolean, indicating if session keys should be exchanged
myContext - is my own CertificateContext
yourContext - is the CertificateContext of the other party
options - is a Vector with parameters needed to open a channel
ext_ref - external reference string sent by the peer
Returns:
An object corresponding to the session
Throws: StatementManException
if the transaction object could not be opened
Throws: ComPointException
in case of communication problems
Throws: NegotiationException
if the negotiation failed
See Also:
openStatementSession, openResponderStatementSession
 o openInitiatorStatementSession
 public static StatementTransaction openInitiatorStatementSession(ComPoint cp,
                                                                  boolean needSessionKey,
                                                                  CertificateContext myContext,
                                                                  CertificateContext yourContext,
                                                                  Vector options,
                                                                  String ext_ref) throws StatementManException, ComPointException, NegotiationException
Constructs a StatementTransaction object corresponding to opening a session on the initiator side. Prior to calling this method the two parties involved should have negotiated certificate contexts. This method presumes that a responder (server) is willing to open a session. It uses openStatementSession, which negotiates algorithms and exchanges keys initiator and responder. The responder must be ready to listen to the ComPoint, cp, when the initiator tries to communicate.

Parameters:
cp - is the ComPoint that is used for communication with the peer.
needSessionKeys - is a boolean, indicating if session keys should be exchanged
myContext - is my own CertificateContext
yourContext - is the CertificateContext of the other party
options - is a Vector with parameters needed to open a channel
ext_ref - external reference string sent by the peer
Returns:
An object corresponding to the session
Throws: StatementManException
if the transaction object could not be opened
Throws: ComPointException
in case of communication problems
Throws: NegotiationException
if the negotiation failed
See Also:
openStatementSession, openResponderStatementSession
 o openResponderStatementSession
 public static StatementTransaction openResponderStatementSession(String serverAddress,
                                                                  boolean needSessionKey,
                                                                  CertificateContext myContext,
                                                                  CertificateContext yourContext,
                                                                  Vector options,
                                                                  String ext_ref) throws StatementManException, ComPointException, NegotiationException
Constructs a StatementTransaction object corresponding to opening a session on the responder side. Prior to calling this method the two parties involved should have negotiated certificate contexts. This method uses openStatementSession, which negotiates algorithms and exchanges keys initiator and responder.

Parameters:
serverAddress - the address of the server (responder)
needSessionKeys - is a boolean, indicating if session keys should be exchanged
myContext - is my own CertificateContext
yourContext - is the CertificateContext of the other party
options - is a Vector with parameters needed to open a channel
ext_ref - external reference string sent by the peer
Returns:
An object corresponding to the session
Throws: StatementManException
if the transaction object could not be opened
Throws: ComPointException
in case of communication problems
Throws: NegotiationException
if the negotiation failed
See Also:
openInitiatorStatementSession, openStatementSession
 o openResponderStatementSession
 public static StatementTransaction openResponderStatementSession(ComPoint cp,
                                                                  boolean needSessionKey,
                                                                  CertificateContext myContext,
                                                                  CertificateContext yourContext,
                                                                  Vector options,
                                                                  String ext_ref) throws StatementManException, ComPointException, NegotiationException
Constructs a StatementTransaction object corresponding to opening a session on the responder side. Prior to calling this method the two parties involved should have negotiated certificate contexts. This method uses openStatementSession, which negotiates algorithms and exchanges keys initiator and responder. The responder must be ready to listen to the ComPoint, cp, when the initiator tries to communicate.

Parameters:
cp - is the ComPoint that is used for communication with the peer.
needSessionKeys - is a boolean, indicating if session keys should be exchanged
myContext - is my own CertificateContext
yourContext - is the CertificateContext of the other party
options - is a Vector with parameters needed to open a channel
ext_ref - external reference string sent by the peer
Returns:
An object corresponding to the session
Throws: StatementManException
if the transaction object could not be opened
Throws: ComPointException
in case of communication problems
Throws: NegotiationException
if the negotiation failed
See Also:
openInitiatorStatementSession, openStatementSession
 o whichKeyExchanges
 public static Vector whichKeyExchanges()
Tell which methods for key exchange are supported.

Returns:
vector of Integer of supported methods
See Also:
whichAlgs
 o requestChoice
 public static Vector requestChoice(Vector array_of_values,
                                    ComPoint com_point,
                                    Vector options,
                                    String ext_ref) throws NegotiationException
Sends a list of proposed values to another party and gets back a vector of chosen values. The caller of this services supplies a vector of possible values (each item corresponds to a security service and contains a list of acceptable algorithms for that service). The counterpart returns vector of chosen algorithms. This list is verified and finally returned.

Parameters:
array_of_values - is an array of messageListHeads containting the proposed algorithms
com_point - is the ComPoint by which the two parties can communicate
options - a Vector (place holder to support security options).
ext_ref - external reference string.
Returns:
Vector of MessageListHead corresponding to the result of the negotiation. For each messageListhead 0 or more algorithms may have been chosen.
Throws: NegotiationException
if the negotiation fails
See Also:
choose
 o choose
 public static Vector choose(Vector array_of_values,
                             ComPoint com_point,
                             Vector options,
                             String ext_ref) throws NegotiationException
Based on the input a set of values received from another part is selected. The caller of this services supplies a vector of possible values (each item corresponds to a security service and contains a list of acceptable algorithms for that service). the method receives from another party a list of values acceptable for the other party. This method then computes the subset of the two lists. The resulting vector is send back and returned to the caller.

Parameters:
list_of_values - is a vecotr of MessageLIsthead containing the list of acceptable values.
com_point - is the ComPoint used for communication during negotiation
options - a Vector (place holder to support security options).
ext_ref - a String used for external references - currently not used
Returns:
Vector containing values common to both client and server.
Throws: NegotiationException
if negotiation fails
See Also:
requestChoice
 o choose
 public static Vector choose(Vector array_of_values,
                             Vector options,
                             String ext_ref) throws NegotiationException
Based on the input, a set of values is selected. The caller of this services supplies a vector of possible values (each item corresponds to a security service and contains a list of acceptable algorithms for that service). This method then computes the subset of the two lists. The resulting vector is send back and returned to the caller.

Parameters:
list_of_values - is a vecotr of MessageLIsthead containing the list of acceptable values.
options - a Vector (place holder to support security options).
ext_ref - a String used for external references - currently not used
Returns:
Vector containing values common to both client and server.
Throws: NegotiationException
if negotiation fails
See Also:
requestChoice

All Packages  Class Hierarchy  This Package  Previous  Next  Index