SecurityServiceInterface

This interface provides access to a range of security-related methods and constants. There are five methods, each with two signatures:

Method

encryptBytes

Method description

Encrypts the input

Syntax

Byte array input

public byte[] encryptBytes(BusinessDocumentInterface doc,
                                  byte[] buf, String alg)
          throws BCGSecurityException

InputStream input

public InputStream encryptBytes(BusinessDocumentInterface doc,
                                  InputStream in, String alg)
          throws BCGSecurityException

Parameters

doc
The business document

buf
The data (as a byte array) to be encrypted

in
The data (as an InputStream) to be encrypted

alg
The encryption type

Method

verifySignature

Method description

Verifies the signature

Syntax

Byte array input

public SignInfo verifySignature(BusinessDocumentInterface doc,
                                byte[] signature, byte[] buff,
                                String businessId,
                                String signatureAlgo)
          throws BCGSecurityException

InputStream input

public SignInfo verifySignature(BusinessDocumentInterface doc,
                                byte[] signature,
                                InputStream in,
                                String businessId,
                                String signatureAlgo)
          throws BCGSecurityException

Parameters

doc
The business document

signature
The signature to be verified

buff
The data (as a byte array) whose signature is being verified

in
The data (as an InputStream) whose signature is being verified

businessId
The Business ID of the partner against which the signature is to be verified

signatureAlgo
The algorithm used in the signature

Method

decryptBytes

Method description

Decrypts the input

Syntax

Byte array input

public byte[] decryptBytes(BusinessDocumentInterface doc,
                               byte[] buff, String alg)
           throws BCGSecurityException

InputStream input

public InputStream decryptBytes(BusinessDocumentInterface doc,
                                   InputStream is, String alg) 
            throws BCGSecurityException

Parameters

doc
The business document

buff
The data (as a byte array) to be decrypted

is
The data (as an InputStream) to be decrypted

alg
The encryption type

Method

signMessage

Method description

Signs the data

Syntax

Byte array input

public SignInfo signMessage(BusinessDocumentInterface doc,
                                byte[] data, String alg)
        throws BCGSecurityException

InputStream input

public SignInfo signMessage(BusinessDocumentInterface doc,
                            InputStream is, String alg)
          throws BCGSecurityException

Parameters

doc
The business document

data
The data (as a byte array) to be signed

is
The data (as an InputStream) to be signed

alg
The encryption type

Method

generateDigest

Method description

Generates a digest

Syntax

Byte array input

public byte[] generateDigest(byte[] data, String alg)
               throws BCGSecurityException

InputStream input

public byte[] generateDigest(InputStream dataStream, String alg)
              throws BCGSecurityException

Parameters

data
The data as a byte array

dataStream
The data as an InputStream

alg
The encryption type

SecurityService methods update the business document with the following information whenever applicable:

Attribute name             Description
SIGNING_PUBLIC_CERT_ID     Identifier of the certificate used for signing the document
SIGNING_PRIVATE_KEY_ID     Identifier of the key used for signing the document. This is the hub owner's private key
ENCRYPTION_PUBLIC_CERT_ID  Identifier of the participant's public key for encrypting outbound documents
ENCRYPTION_PRIVATE_KEY_ID  Identifier of the hub owner's private key for decrypting inbound documents
DIGSIGALGORITHM            Algorithm used to sign a message, of type 'sha1' or 'md5'
DOC_ENCRYPT_ALGO           Encryption algorithm used for the message, of type '3des', 'rc5', etc.

For reference, the SignInfo class (returned in some of the above methods):

package com.ibm.bcg.bcgdk.services;

public class SignInfo {
    private byte[] data;   // signature data
    private byte[] digest; // message digest

    public byte[] getData();
    public void setData(byte[] data);
    public byte[] getDigest();
    public void setDigest(byte[] digest);
}

Constants

These define encryption and signature types:

public final String BCG_ENC_ALG_DES = "3des";
public final String BCG_ENC_ALG_RC5 = "rc5";
public final String BCG_ENC_ALG_RC2 = "rc2-40";
public final String BCG_SIGN_ALG_SHA1 = "sha1";
public final String BCG_SIGN_ALG_MD5 = "md5";

Copyright IBM Corp. 2003, 2004