Interface IStorageKeyUnit

All Superinterfaces:
IEncryptionUnit, IToken

public interface IStorageKeyUnit extends IEncryptionUnit
An interface that represents a storage key unit. This storage unit contains a storage key pair that is used to encrypt the user's private key for long-term storage.
  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    changeAgentMN(int n, int m, Credential[] oldcreds, Credential[] newcreds)
    Changes M-N recovery scheme.
    boolean
    changeAgentPassword(String id, String oldpwd, String newpwd)
    Changes agent password.
    byte[]
    decryptInternalPrivate(byte[] wrappedPrivateData, org.mozilla.jss.netscape.security.util.WrappingParams params)
    Decrypts the internal private key (private key from the KRA's internal storage).
    byte[]
    encryptInternalPrivate(byte[] rawPrivate, org.mozilla.jss.netscape.security.util.WrappingParams params)
    Encrypts the internal private key (private key to the KRA's internal storage).
    Enumeration<String>
    getAgentIdentifiers()
    Retrieves a list of agents in this unit.
    int
    getNoOfAgents()
    Retrieves total number of recovery agents.
    int
    getNoOfRequiredAgents()
    Retrieves number of recovery agents required to perform recovery operation.
    org.mozilla.jss.crypto.CryptoToken
    getToken()
    org.mozilla.jss.netscape.security.util.WrappingParams
    getWrappingParams(boolean encrypt)
    Get the wrapping parameters for this storage unit
    void
    login(Credential[] ac)
    Logs in to this unit.
    void
    setNoOfRequiredAgents(int number)
    Sets the number of required recovery agents.
    org.mozilla.jss.crypto.PrivateKey
    unwrap(byte[] privateKey, PublicKey pubKey, boolean temporary, org.mozilla.jss.netscape.security.util.WrappingParams params)
    Unwraps data.
    org.mozilla.jss.crypto.SymmetricKey
    unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, org.mozilla.jss.netscape.security.util.WrappingParams params)
    Unwraps symmetric key data.
    byte[]
    wrap(org.mozilla.jss.crypto.PrivateKey priKey, org.mozilla.jss.netscape.security.util.WrappingParams params)
    Wraps data.
    byte[]
    wrap(org.mozilla.jss.crypto.SymmetricKey symKey, org.mozilla.jss.netscape.security.util.WrappingParams params)
    Wraps data.

    Methods inherited from interface com.netscape.certsrv.security.IEncryptionUnit

    getOldWrappingParams, getPublicKey, unwrap_session_key, verify

    Methods inherited from interface com.netscape.certsrv.security.IToken

    login, logout
  • Method Details

    • getNoOfAgents

      int getNoOfAgents() throws EBaseException
      Retrieves total number of recovery agents.
      Returns:
      total number of recovery agents
      Throws:
      EBaseException
    • getNoOfRequiredAgents

      int getNoOfRequiredAgents() throws EBaseException
      Retrieves number of recovery agents required to perform recovery operation.
      Returns:
      required number of recovery agents for recovery operation
      Throws:
      EBaseException
    • setNoOfRequiredAgents

      void setNoOfRequiredAgents(int number)
      Sets the number of required recovery agents.
      Parameters:
      number - number of required agents
    • getAgentIdentifiers

      Enumeration<String> getAgentIdentifiers()
      Retrieves a list of agents in this unit.
      Returns:
      a list of string-based agent identifiers
    • changeAgentPassword

      boolean changeAgentPassword(String id, String oldpwd, String newpwd) throws EBaseException
      Changes agent password.
      Parameters:
      id - agent id
      oldpwd - old password
      newpwd - new password
      Returns:
      true if operation successful
      Throws:
      EBaseException - failed to change password
    • changeAgentMN

      boolean changeAgentMN(int n, int m, Credential[] oldcreds, Credential[] newcreds) throws EBaseException
      Changes M-N recovery scheme.
      Parameters:
      n - total number of agents
      m - required number of agents for recovery operation
      oldcreds - all old credentials
      newcreds - all new credentials
      Returns:
      true if operation successful
      Throws:
      EBaseException - failed to change scheme
    • login

      void login(Credential[] ac) throws EBaseException
      Logs in to this unit.
      Parameters:
      ac - agent's credentials
      Throws:
      EBaseException - failed to login
    • getToken

      org.mozilla.jss.crypto.CryptoToken getToken()
    • encryptInternalPrivate

      byte[] encryptInternalPrivate(byte[] rawPrivate, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
      Encrypts the internal private key (private key to the KRA's internal storage).
      Parameters:
      rawPrivate - user's private key (key to be archived)
      params - wrapping parameters
      Returns:
      encrypted data
      Throws:
      EBaseException - failed to encrypt
      Exception
    • wrap

      byte[] wrap(org.mozilla.jss.crypto.PrivateKey priKey, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
      Wraps data. The given key will be wrapped by the private key in this unit.
      Parameters:
      priKey - private key to be wrapped
      params - wrapping parameters
      Returns:
      wrapped data
      Throws:
      EBaseException - failed to wrap
      Exception
    • wrap

      byte[] wrap(org.mozilla.jss.crypto.SymmetricKey symKey, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
      Wraps data. The given key will be wrapped by the private key in this unit.
      Parameters:
      symKey - symmetric key to be wrapped
      params - wrapping parameters
      Returns:
      wrapped data
      Throws:
      EBaseException - failed to wrap
      Exception
    • decryptInternalPrivate

      byte[] decryptInternalPrivate(byte[] wrappedPrivateData, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
      Decrypts the internal private key (private key from the KRA's internal storage).
      Parameters:
      wrappedPrivateData - wrapped private key data (key to be recovered)
      params - wrapping parameters
      Returns:
      raw private key
      Throws:
      Exception
    • unwrap

      org.mozilla.jss.crypto.SymmetricKey unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
      Unwraps symmetric key data. This method rebuilds the symmetric key by unwrapping the private data blob.
      Parameters:
      wrappedKeyData - symmetric key data wrapped up with session key
      Returns:
      Symmetric key object
      Throws:
      Exception - failed to unwrap
    • unwrap

      org.mozilla.jss.crypto.PrivateKey unwrap(byte[] privateKey, PublicKey pubKey, boolean temporary, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
      Unwraps data. This method rebuilds the private key by unwrapping the private key data.
      Parameters:
      privateKey - private key data
      pubKey - public key object
      temporary - temporary key?
      params - wrapping parameters
      Returns:
      private key object
      Throws:
      Exception
    • getWrappingParams

      org.mozilla.jss.netscape.security.util.WrappingParams getWrappingParams(boolean encrypt) throws Exception
      Get the wrapping parameters for this storage unit
      Throws:
      Exception