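/*
 * (C) Copyright 2011 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     Wojciech Sulejman
 */
package org.nuxeo.ecm.platform.signature.api.user;

import java.security.KeyStore;

import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.platform.signature.api.exception.CertException;

/**
 * High-level user certificate and keystore operations. These services help retrieve certificates, keystores and
 * other information related to specific users.
 * <p>
 * Several methods take the key password as a {@code String}. A {@code String} is immutable and cannot be cleared
 * after use, so implementations and callers should keep it out of logs and exception messages.
 * <p>
 * No method in this interface takes the calling principal as an argument, so any check that the caller may act on
 * the given user has to happen in the implementation or in the caller.
 *
 * @author Wojciech Sulejman
 */
public interface CUserService {

    /**
     * Generates user certificate and user keys, saves them to a user store, and persists the store in the directory.
     *
     * @param user the user document model the certificate is generated for
     * @param userKeyPassword the user's key password; presumably it protects the generated key material (confirm
     *            against the implementation)
     * @return a document model; presumably the directory entry holding the new store (confirm against the
     *         implementation)
     * @throws CertException if the operation fails; the exact conditions are defined by the implementation
     */
    DocumentModel createCertificate(DocumentModel user, String userKeyPassword) throws CertException;

    /**
     * Retrieves a {@link UserInfo} object containing information needed for certificate generation.
     *
     * @param userModel the user document model
     * @return the {@link UserInfo} for that user
     * @throws CertException if the operation fails; the exact conditions are defined by the implementation
     */
    UserInfo getUserInfo(DocumentModel userModel) throws CertException;

    /**
     * Returns simplified textual representation of a certificate's contents.
     *
     * @param user the user document model whose certificate is described
     * @param userKeyPassword the user's key password
     * @return simple certificate string
     * @throws CertException if the operation fails; the exact conditions are defined by the implementation
     */
    String getUserCertInfo(DocumentModel user, String userKeyPassword) throws CertException;

    /**
     * Retrieves user keystore from the directory.
     * <p>
     * Per the description of {@link #deleteCertificate(String)}, the keystore contains the user's private key, so
     * the returned object should be handled as secret material.
     *
     * @param userID the ID of the user whose keystore is retrieved
     * @param userKeyPassword the user's key password
     * @return user {@link KeyStore} object
     * @throws CertException if the operation fails; the exact conditions are defined by the implementation
     */
    KeyStore getUserKeystore(String userID, String userKeyPassword) throws CertException;

    /**
     * Retrieves a user certificate from the directory.
     *
     * @param userID the ID of the user whose certificate is retrieved
     * @return certificate document model; the result for a user without an entry is not specified here (confirm
     *         against the implementation)
     */
    DocumentModel getCertificate(String userID);

    /**
     * Retrieves the public root certificate.
     *
     * @return the root certificate as a byte array; the encoding is not specified here (confirm against the
     *         implementation)
     */
    byte[] getRootCertificateData();

    /**
     * Checks if the user is present in the certificate directory.
     *
     * @param userID the ID of the user to look up
     * @return {@code true} if the user is present in the certificate directory, {@code false} otherwise
     * @throws CertException if the operation fails; the exact conditions are defined by the implementation
     */
    boolean hasCertificate(String userID) throws CertException;

    /**
     * Deletes user entry from the certificate directory.
     * <p>
     * This is a high-level operation. The following containers/entries are removed:
     * <ul>
     * <li>a certificate directory entry related to the userID
     * <li>a keystore (which was saved as a field in the directory entry)
     * <li>a private key and a public certificate (which were contained in the keystore)
     * </ul>
     * <p>
     * Unlike {@link #getUserKeystore(String, String)}, this method takes only the user ID and no key password.
     * NOTE(review): confirm that callers are restricted to principals allowed to remove this user's key material.
     *
     * @param userID the ID of the user whose entry is deleted
     * @throws CertException if the operation fails; the exact conditions are defined by the implementation
     */
    void deleteCertificate(String userID) throws CertException;

}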