/*
 * (C) Copyright 2011 Nuxeo SA (http://nuxeo.com/) and contributors.
 *
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the GNU Lesser General Public License
 * (LGPL) version 2.1 which accompanies this distribution, and is available at
 * http://www.gnu.org/licenses/lgpl.html
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * Contributors:
 *     Wojciech Sulejman
 */
package org.nuxeo.ecm.platform.signature.api.user;

import java.security.KeyStore;

import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.platform.signature.api.exception.CertException;

/**
 * High-level user certificate and keystore operations. These services help retrieve certificates, keystores and
 * other information related to specific users.
 * <p>
 * Several operations take the user's key password as a {@link String}. A {@code String} cannot be cleared from memory
 * after use, so implementations and callers should at least keep the value out of log output and exception messages.
 * <p>
 * NOTE(review): no method here receives the identity of the caller, so any access control is presumably applied by
 * the implementation or by the calling layer; confirm where that check lives.
 *
 * @author <a href="mailto:ws@nuxeo.com">Wojciech Sulejman</a>
 */
public interface CUserService {

    /**
     * Generates a user certificate and user keys, saves them to a user store, and persists the store in the
     * directory.
     *
     * @param user document model of the user the certificate is generated for
     * @param userKeyPassword the user's key password; presumably protects the generated key inside the store (confirm
     *            against the implementation)
     * @return a document model; presumably the certificate entry that was persisted (not stated by this contract,
     *         confirm against the implementation)
     * @throws CertException if the operation fails
     */
    DocumentModel createCertificate(DocumentModel user, String userKeyPassword) throws CertException;

    /**
     * Retrieves a UserInfo object containing information needed for certificate generation.
     *
     * @param userModel document model of the user to describe
     * @return the UserInfo built for that user
     * @throws CertException if the operation fails
     */
    UserInfo getUserInfo(DocumentModel userModel) throws CertException;

    /**
     * Returns a simplified textual representation of the contents of a user's certificate.
     *
     * @param user document model of the user whose certificate is described
     * @param userKeyPassword the user's key password
     * @return simple certificate string
     * @throws CertException if the operation fails
     */
    String getUserCertInfo(DocumentModel user, String userKeyPassword) throws CertException;

    /**
     * Retrieves the user keystore from the directory.
     * <p>
     * The keystore is the container that holds the user's private key and public certificate (see
     * {@link #deleteCertificate(String)}), so the returned object should be handled as sensitive material.
     *
     * @param userID identifier of the user whose keystore is requested
     * @param userKeyPassword the user's key password
     * @return user KeyStore object
     * @throws CertException if the operation fails
     */
    KeyStore getUserKeystore(String userID, String userKeyPassword) throws CertException;

    /**
     * Retrieves a user certificate from the directory.
     * <p>
     * This method declares no checked exception, and the result for a user without an entry is not specified by this
     * contract; {@link #hasCertificate(String)} can be used to check beforehand.
     * <p>
     * NOTE(review): if the returned model is the directory entry itself, it also carries the stored keystore field
     * (see {@link #deleteCertificate(String)}); confirm before passing it outside trusted code.
     *
     * @param userID identifier of the user whose certificate is requested
     * @return certificate document model
     */
    DocumentModel getCertificate(String userID);

    /**
     * Retrieves the public root certificate.
     *
     * @return the root certificate as a byte array; the encoding is not specified by this contract (confirm against
     *         the implementation)
     */
    byte[] getRootCertificateData();

    /**
     * Checks if the user is present in the certificate directory.
     *
     * @param userID identifier of the user to look up
     * @return {@code true} if the certificate directory holds an entry for the user
     * @throws CertException if the operation fails
     */
    boolean hasCertificate(String userID) throws CertException;

    /**
     * Deletes the user entry from the certificate directory.
     * <p>
     * This is a high-level operation. The following containers/entries are removed:
     * <ul>
     * <li>a certificate directory entry related to the userID
     * <li>a keystore (which was saved as a field in the directory entry)
     * <li>a private key and a public certificate (which were contained in the keystore)
     * </ul>
     * <p>
     * The private key is removed together with the entry, and this interface offers no operation to restore it, so
     * callers should be sure the request is intended and authorized before invoking it.
     *
     * @param userID identifier of the user whose entry is deleted
     * @throws CertException if the operation fails
     */
    void deleteCertificate(String userID) throws CertException;

}