Package com.netscape.certsrv.security

Interface IStorageKeyUnit

  • All Superinterfaces:
    IEncryptionUnit, IToken
    public interface IStorageKeyUnit
extends IEncryptionUnit
    An interface represents a storage key unit. This storage unit contains a storage key pair that is used for encrypting the user private key for long term storage.
    Version:
    $Revision$, $Date$

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      boolean changeAgentMN​(int n, int m, Credential[] oldcreds, Credential[] newcreds)
      Changes M-N recovery scheme.
      boolean changeAgentPassword​(java.lang.String id, java.lang.String oldpwd, java.lang.String newpwd)
      Changes agent password.
      byte[] decryptInternalPrivate​(byte[] wrappedPrivateData, org.mozilla.jss.netscape.security.util.WrappingParams params)
      Decrypts the internal private key (private key from the KRA's internal storage).
      byte[] encryptInternalPrivate​(byte[] rawPrivate, org.mozilla.jss.netscape.security.util.WrappingParams params)
      Encrypts the internal private key (private key to the KRA's internal storage).
      java.util.Enumeration<java.lang.String> getAgentIdentifiers()
      Retrieves a list of agents in this unit.
      int getNoOfAgents()
      Retrieves total number of recovery agents.
      int getNoOfRequiredAgents()
      Retrieves number of recovery agents required to perform recovery operation.
      org.mozilla.jss.crypto.CryptoToken getToken()  
      org.mozilla.jss.netscape.security.util.WrappingParams getWrappingParams​(boolean encrypt)
      Get the wrapping parameters for this storage unit
      void login​(Credential[] ac)
      Logins to this unit.
      void setNoOfRequiredAgents​(int number)
      Sets the numer of required recovery agents
      org.mozilla.jss.crypto.PrivateKey unwrap​(byte[] privateKey, java.security.PublicKey pubKey, boolean temporary, org.mozilla.jss.netscape.security.util.WrappingParams params)
      Unwraps data.
      org.mozilla.jss.crypto.SymmetricKey unwrap​(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, org.mozilla.jss.netscape.security.util.WrappingParams params)
      Unwraps symmetric key data.
      byte[] wrap​(org.mozilla.jss.crypto.PrivateKey priKey, org.mozilla.jss.netscape.security.util.WrappingParams params)
      Wraps data.
      byte[] wrap​(org.mozilla.jss.crypto.SymmetricKey symKey, org.mozilla.jss.netscape.security.util.WrappingParams params)
      Wraps data.

    • Method Detail

      • getNoOfAgents

        int getNoOfAgents()
           throws EBaseException
        Retrieves total number of recovery agents.
        Returns:
        total number of recovery agents
        Throws:
        EBaseException

      • getNoOfRequiredAgents

        int getNoOfRequiredAgents()
                   throws EBaseException
        Retrieves number of recovery agents required to perform recovery operation.
        Returns:
        required number of recovery agents for recovery operation
        Throws:
        EBaseException

      • setNoOfRequiredAgents

        void setNoOfRequiredAgents​(int number)
        Sets the numer of required recovery agents
        Parameters:
        number - number of required agents

      • getAgentIdentifiers

        java.util.Enumeration<java.lang.String> getAgentIdentifiers()
        Retrieves a list of agents in this unit.
        Returns:
        a list of string-based agent identifiers

      • changeAgentPassword

        boolean changeAgentPassword​(java.lang.String id,
                            java.lang.String oldpwd,
                            java.lang.String newpwd)
                     throws EBaseException
        Changes agent password.
        Parameters:
        id - agent id
        oldpwd - old password
        newpwd - new password
        Returns:
        true if operation successful
        Throws:
        EBaseException - failed to change password

      • changeAgentMN

        boolean changeAgentMN​(int n,
                      int m,
                      Credential[] oldcreds,
                      Credential[] newcreds)
               throws EBaseException
        Changes M-N recovery scheme.
        Parameters:
        n - total number of agents
        m - required number of agents for recovery operation
        oldcreds - all old credentials
        newcreds - all new credentials
        Returns:
        true if operation successful
        Throws:
        EBaseException - failed to change schema

      • getToken

        org.mozilla.jss.crypto.CryptoToken getToken()

      • encryptInternalPrivate

        byte[] encryptInternalPrivate​(byte[] rawPrivate,
                              org.mozilla.jss.netscape.security.util.WrappingParams params)
                       throws java.lang.Exception
        Encrypts the internal private key (private key to the KRA's internal storage).
        Parameters:
        rawPrivate - user's private key (key to be archived)
        params - wrapping parameters
        Returns:
        encrypted data
        Throws:
        EBaseException - failed to encrypt
        java.lang.Exception

      • wrap

        byte[] wrap​(org.mozilla.jss.crypto.PrivateKey priKey,
            org.mozilla.jss.netscape.security.util.WrappingParams params)
     throws java.lang.Exception
        Wraps data. The given key will be wrapped by the private key in this unit.
        Parameters:
        priKey - private key to be wrapped
        params - wrapping parameters
        Returns:
        wrapped data
        Throws:
        EBaseException - failed to wrap
        java.lang.Exception

      • wrap

        byte[] wrap​(org.mozilla.jss.crypto.SymmetricKey symKey,
            org.mozilla.jss.netscape.security.util.WrappingParams params)
     throws java.lang.Exception
        Wraps data. The given key will be wrapped by the private key in this unit.
        Parameters:
        symKey - symmetric key to be wrapped
        params - wrapping parameters
        Returns:
        wrapped data
        Throws:
        EBaseException - failed to wrap
        java.lang.Exception

      • decryptInternalPrivate

        byte[] decryptInternalPrivate​(byte[] wrappedPrivateData,
                              org.mozilla.jss.netscape.security.util.WrappingParams params)
                       throws java.lang.Exception
        Decrypts the internal private key (private key from the KRA's internal storage).
        Parameters:
        wrappedPrivateData - unwrapped private key data (key to be recovered)
        params - - wrapping parameters
        Returns:
        raw private key
        Throws:
        java.lang.Exception

      • unwrap

        org.mozilla.jss.crypto.SymmetricKey unwrap​(byte[] wrappedKeyData,
                                           org.mozilla.jss.crypto.SymmetricKey.Type algorithm,
                                           int keySize,
                                           org.mozilla.jss.netscape.security.util.WrappingParams params)
                                    throws java.lang.Exception
        Unwraps symmetric key data. This method rebuilds the symmetric key by unwrapping the private data blob.
        Parameters:
        wrappedKeyData - symmetric key data wrapped up with session key
        Returns:
        Symmetric key object
        Throws:
        java.lang.Exception - failed to unwrap

      • unwrap

        org.mozilla.jss.crypto.PrivateKey unwrap​(byte[] privateKey,
                                         java.security.PublicKey pubKey,
                                         boolean temporary,
                                         org.mozilla.jss.netscape.security.util.WrappingParams params)
                                  throws java.lang.Exception
        Unwraps data. This method rebuilds the private key by unwrapping the private key data.
        Parameters:
        privateKey - private key data
        pubKey - public key object
        temporary - - temporary key?
        params - - wrapping parameters
        Returns:
        private key object
        Throws:
        java.lang.Exception

      • getWrappingParams

        org.mozilla.jss.netscape.security.util.WrappingParams getWrappingParams​(boolean encrypt)
                                                                 throws java.lang.Exception
        Get the wrapping parameters for this storage unit
        Throws:
        java.lang.Exception