Package com.netscape.certsrv.security
Interface IStorageKeyUnit
- All Superinterfaces: IEncryptionUnit, IToken
public interface IStorageKeyUnit extends IEncryptionUnit
An interface that represents a storage key unit. This storage unit contains a storage key pair that is used for encrypting the user private key for long-term storage.
- Version: $Revision$, $Date$
Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| boolean | changeAgentMN(int n, int m, Credential[] oldcreds, Credential[] newcreds) | Changes M-N recovery scheme. |
| boolean | changeAgentPassword(java.lang.String id, java.lang.String oldpwd, java.lang.String newpwd) | Changes agent password. |
| byte[] | decryptInternalPrivate(byte[] wrappedPrivateData, WrappingParams params) | Decrypts the internal private key (private key from the KRA's internal storage). |
| byte[] | encryptInternalPrivate(byte[] rawPrivate, WrappingParams params) | Encrypts the internal private key (private key to the KRA's internal storage). |
| java.util.Enumeration<java.lang.String> | getAgentIdentifiers() | Retrieves a list of agents in this unit. |
| int | getNoOfAgents() | Retrieves total number of recovery agents. |
| int | getNoOfRequiredAgents() | Retrieves number of recovery agents required to perform recovery operation. |
| org.mozilla.jss.crypto.CryptoToken | getToken() | |
| WrappingParams | getWrappingParams(boolean encrypt) | Get the wrapping parameters for this storage unit. |
| void | login(Credential[] ac) | Logs in to this unit. |
| void | setNoOfRequiredAgents(int number) | Sets the number of required recovery agents. |
| org.mozilla.jss.crypto.PrivateKey | unwrap(byte[] privateKey, java.security.PublicKey pubKey, boolean temporary, WrappingParams params) | Unwraps data. |
| org.mozilla.jss.crypto.SymmetricKey | unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, WrappingParams params) | Unwraps symmetric key data. |
| byte[] | wrap(org.mozilla.jss.crypto.PrivateKey priKey, WrappingParams params) | Wraps data. |
| byte[] | wrap(org.mozilla.jss.crypto.SymmetricKey symKey, WrappingParams params) | Wraps data. |
Methods inherited from interface com.netscape.certsrv.security.IEncryptionUnit
getOldWrappingParams, getPublicKey, unwrap_session_key, verify
Method Detail
-
getNoOfAgents
int getNoOfAgents() throws EBaseException
Retrieves total number of recovery agents.
- Returns: total number of recovery agents
- Throws: EBaseException
-
getNoOfRequiredAgents
int getNoOfRequiredAgents() throws EBaseException
Retrieves number of recovery agents required to perform recovery operation.
- Returns: required number of recovery agents for recovery operation
- Throws: EBaseException
-
setNoOfRequiredAgents
void setNoOfRequiredAgents(int number)
Sets the number of required recovery agents.
- Parameters:
  number - number of required agents
-
getAgentIdentifiers
java.util.Enumeration<java.lang.String> getAgentIdentifiers()
Retrieves a list of agents in this unit.
- Returns: a list of string-based agent identifiers
-
changeAgentPassword
boolean changeAgentPassword(java.lang.String id, java.lang.String oldpwd, java.lang.String newpwd) throws EBaseException
Changes agent password.
- Parameters:
  id - agent id
  oldpwd - old password
  newpwd - new password
- Returns: true if operation successful
- Throws: EBaseException - failed to change password
-
changeAgentMN
boolean changeAgentMN(int n, int m, Credential[] oldcreds, Credential[] newcreds) throws EBaseException
Changes M-N recovery scheme.
- Parameters:
  n - total number of agents
  m - required number of agents for recovery operation
  oldcreds - all old credentials
  newcreds - all new credentials
- Returns: true if operation successful
- Throws: EBaseException - failed to change schema
-
login
void login(Credential[] ac) throws EBaseException
Logs in to this unit.
- Parameters:
  ac - agent's credentials
- Throws: EBaseException - failed to login
-
getToken
org.mozilla.jss.crypto.CryptoToken getToken()
-
encryptInternalPrivate
byte[] encryptInternalPrivate(byte[] rawPrivate, WrappingParams params) throws java.lang.Exception
Encrypts the internal private key (private key to the KRA's internal storage).
- Parameters:
  rawPrivate - user's private key (key to be archived)
  params - wrapping parameters
- Returns: encrypted data
- Throws:
  EBaseException - failed to encrypt
  java.lang.Exception
-
wrap
byte[] wrap(org.mozilla.jss.crypto.PrivateKey priKey, WrappingParams params) throws java.lang.Exception
Wraps data. The given key will be wrapped by the private key in this unit.
- Parameters:
  priKey - private key to be wrapped
  params - wrapping parameters
- Returns: wrapped data
- Throws:
  EBaseException - failed to wrap
  java.lang.Exception
-
wrap
byte[] wrap(org.mozilla.jss.crypto.SymmetricKey symKey, WrappingParams params) throws java.lang.Exception
Wraps data. The given key will be wrapped by the private key in this unit.
- Parameters:
  symKey - symmetric key to be wrapped
  params - wrapping parameters
- Returns: wrapped data
- Throws:
  EBaseException - failed to wrap
  java.lang.Exception
-
decryptInternalPrivate
byte[] decryptInternalPrivate(byte[] wrappedPrivateData, WrappingParams params) throws java.lang.Exception
Decrypts the internal private key (private key from the KRA's internal storage).
- Parameters:
  wrappedPrivateData - unwrapped private key data (key to be recovered)
  params - wrapping parameters
- Returns: raw private key
- Throws: java.lang.Exception
-
unwrap
org.mozilla.jss.crypto.SymmetricKey unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, WrappingParams params) throws java.lang.Exception
Unwraps symmetric key data. This method rebuilds the symmetric key by unwrapping the private data blob.
- Parameters:
  wrappedKeyData - symmetric key data wrapped up with session key
- Returns: Symmetric key object
- Throws: java.lang.Exception - failed to unwrap
-
unwrap
org.mozilla.jss.crypto.PrivateKey unwrap(byte[] privateKey, java.security.PublicKey pubKey, boolean temporary, WrappingParams params) throws java.lang.Exception
Unwraps data. This method rebuilds the private key by unwrapping the private key data.
- Parameters:
  privateKey - private key data
  pubKey - public key object
  temporary - temporary key?
  params - wrapping parameters
- Returns: private key object
- Throws: java.lang.Exception
-
getWrappingParams
WrappingParams getWrappingParams(boolean encrypt) throws java.lang.Exception
Get the wrapping parameters for this storage unit.
- Throws: java.lang.Exception