Method Detail

• getNoOfRequiredAgents

  int getNoOfRequiredAgents()
                     throws EBaseException

  Retrieves number of agent required to perform key recovery operation.

  Returns:

  number of required recovery agents

  Throws:

  EBaseException - failed to retrieve value

• isApprovedAsyncKeyRecovery

  boolean isApprovedAsyncKeyRecovery​(java.lang.String reqID)
                              throws EBaseException

  is async recovery request status APPROVED - i.e. all required # of recovery agents approved

  Parameters:

  reqID - request id

  Returns:

  true if # of recovery required agents approved; false otherwise

  Throws:

  EBaseException

• getInitAgentAsyncKeyRecovery

  java.lang.String getInitAgentAsyncKeyRecovery​(java.lang.String reqID)
                                         throws EBaseException

  get async recovery request initiating agent

  Parameters:

  reqID - request id

  Returns:

  agentUID

  Throws:

  EBaseException

• initAsyncKeyRecovery

  java.lang.String initAsyncKeyRecovery​(java.math.BigInteger kid,
                                        org.mozilla.jss.netscape.security.x509.X509CertImpl cert,
                                        java.lang.String agent,
                                        java.lang.String realm)
                                 throws EBaseException

  Initiate asynchronous key recovery

  Parameters:

  kid - key identifier

  cert - certificate embedded in PKCS12

  agent - agent requesting recovery

  realm - authorization realm

  Returns:

  requestId

  Throws:

  EBaseException - failed to initiate async recovery

• addAgentAsyncKeyRecovery

  void addAgentAsyncKeyRecovery​(java.lang.String reqID,
                                java.lang.String agentID)
                         throws EBaseException

  add approving agent in asynchronous key recovery

  Parameters:

  reqID - request id

  agentID - agent id

  Throws:

  EBaseException - failed to initiate async recovery

• doKeyRecovery

  byte[] doKeyRecovery​(java.math.BigInteger kid,
                       Credential[] creds,
                       java.lang.String pwd,
                       org.mozilla.jss.netscape.security.x509.X509CertImpl cert,
                       java.lang.String delivery,
                       java.lang.String nickname,
                       java.lang.String agent)
                throws EBaseException

  Performs administrator-initiated key recovery.

  Parameters:

  kid - key identifier

  creds - list of credentials (id and password)

  pwd - password to protect PKCS12

  cert - certificate embedded in PKCS12

  delivery - delivery mechanism

  Returns:

  pkcs12

  Throws:

  EBaseException - failed to perform recovery

• doKeyRecovery

  byte[] doKeyRecovery​(java.lang.String reqID,
                       java.lang.String password)
                throws EBaseException

  Async Recovers key for administrators. This method is invoked by the agent operation of the key recovery servlet.

  • signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever a user private key recovery request is made (this is when the DRM receives the request)
  • signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever a user private key recovery request is processed (this is when the DRM processes the request)

  Parameters:

  reqID - request id

  password - password of the PKCS12 package subsystem

  Returns:

  a byte array containing the key

  Throws:

  EBaseException - failed to recover key

• getRecoveryID

  java.lang.String getRecoveryID()

  Retrieves recovery identifier.

  Returns:

  recovery id

• createRecoveryParams

  java.util.Hashtable<java.lang.String,​java.lang.Object> createRecoveryParams​(java.lang.String recoveryID)
                                                                             throws EBaseException

  Creates recovery parameters for the given recovery operation.

  Parameters:

  recoveryID - recovery id

  Returns:

  recovery parameters

  Throws:

  EBaseException - failed to create

• destroyRecoveryParams

  void destroyRecoveryParams​(java.lang.String recoveryID)
                      throws EBaseException

  Destroys recovery parameters for the given recovery operation.

  Parameters:

  recoveryID - recovery id

  Throws:

  EBaseException - failed to destroy

• getRecoveryParams

  java.util.Hashtable<java.lang.String,​java.lang.Object> getRecoveryParams​(java.lang.String recoveryID)
                                                                          throws EBaseException

  Retrieves recovery parameters for the given recovery operation.

  Parameters:

  recoveryID - recovery id

  Returns:

  recovery parameters

  Throws:

  EBaseException - failed to retrieve

• addDistributedCredential

  void addDistributedCredential​(java.lang.String recoveryID,
                                java.lang.String uid,
                                java.lang.String pwd)
                         throws EBaseException

  Adds password in the distributed recovery operation.

  Parameters:

  recoveryID - recovery id

  uid - agent uid

  pwd - agent password

  Throws:

  EBaseException - failed to add

• getDistributedCredentials

  Credential[] getDistributedCredentials​(java.lang.String recoveryID)
                                  throws EBaseException

  Retrieves credentials in the distributed recovery operation.

  Parameters:

  recoveryID - recovery id

  Returns:

  agent's credentials

  Throws:

  EBaseException - failed to retrieve