Package com.netscape.certsrv.security
Interface IStorageKeyUnit
- All Superinterfaces:
IEncryptionUnit, IToken
An interface that represents a storage key unit. This storage
unit contains a storage key pair that is used for
encrypting the user private key for long-term storage.
- Version:
- $Revision$, $Date$
-
Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| boolean | changeAgentMN(int n, int m, Credential[] oldcreds, Credential[] newcreds) | Changes M-N recovery scheme. |
| boolean | changeAgentPassword(String id, String oldpwd, String newpwd) | Changes agent password. |
| byte[] | decryptInternalPrivate(byte[] wrappedPrivateData, org.mozilla.jss.netscape.security.util.WrappingParams params) | Decrypts the internal private key (private key from the KRA's internal storage). |
| byte[] | encryptInternalPrivate(byte[] rawPrivate, org.mozilla.jss.netscape.security.util.WrappingParams params) | Encrypts the internal private key (private key to the KRA's internal storage). |
| Enumeration<String> | getAgentIdentifiers() | Retrieves a list of agents in this unit. |
| int | getNoOfAgents() | Retrieves total number of recovery agents. |
| int | getNoOfRequiredAgents() | Retrieves number of recovery agents required to perform recovery operation. |
| org.mozilla.jss.crypto.CryptoToken | getToken() | |
| org.mozilla.jss.netscape.security.util.WrappingParams | getWrappingParams(boolean encrypt) | Get the wrapping parameters for this storage unit |
| void | login(Credential[] ac) | Logs in to this unit. |
| void | setNoOfRequiredAgents(int number) | Sets the number of required recovery agents |
| org.mozilla.jss.crypto.PrivateKey | unwrap(byte[] privateKey, PublicKey pubKey, boolean temporary, org.mozilla.jss.netscape.security.util.WrappingParams params) | Unwraps data. |
| org.mozilla.jss.crypto.SymmetricKey | unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, org.mozilla.jss.netscape.security.util.WrappingParams params) | Unwraps symmetric key data. |
| byte[] | wrap(org.mozilla.jss.crypto.PrivateKey priKey, org.mozilla.jss.netscape.security.util.WrappingParams params) | Wraps data. |
| byte[] | wrap(org.mozilla.jss.crypto.SymmetricKey symKey, org.mozilla.jss.netscape.security.util.WrappingParams params) | Wraps data. |

Methods inherited from interface com.netscape.certsrv.security.IEncryptionUnit
getOldWrappingParams, getPublicKey, unwrap_session_key, verify
-
Method Details
-
getNoOfAgents
Retrieves total number of recovery agents.
- Returns:
- total number of recovery agents
- Throws:
EBaseException
-
getNoOfRequiredAgents
Retrieves number of recovery agents required to perform recovery operation.
- Returns:
- required number of recovery agents for recovery operation
- Throws:
EBaseException
-
setNoOfRequiredAgents
void setNoOfRequiredAgents(int number)
Sets the number of required recovery agents
- Parameters:
number - number of required agents
-
getAgentIdentifiers
Enumeration<String> getAgentIdentifiers()
Retrieves a list of agents in this unit.
- Returns:
- a list of string-based agent identifiers
-
changeAgentPassword
Changes agent password.
- Parameters:
id - agent id
oldpwd - old password
newpwd - new password
- Returns:
- true if operation successful
- Throws:
EBaseException - failed to change password
-
changeAgentMN
boolean changeAgentMN(int n, int m, Credential[] oldcreds, Credential[] newcreds) throws EBaseException
Changes M-N recovery scheme.
- Parameters:
n - total number of agents
m - required number of agents for recovery operation
oldcreds - all old credentials
newcreds - all new credentials
- Returns:
- true if operation successful
- Throws:
EBaseException - failed to change schema
-
login
Logs in to this unit.
- Parameters:
ac - agent's credentials
- Throws:
EBaseException - failed to login
-
getToken
org.mozilla.jss.crypto.CryptoToken getToken()
-
encryptInternalPrivate
byte[] encryptInternalPrivate(byte[] rawPrivate, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
Encrypts the internal private key (private key to the KRA's internal storage).
- Parameters:
rawPrivate - user's private key (key to be archived)
params - wrapping parameters
- Returns:
- encrypted data
- Throws:
EBaseException - failed to encrypt
Exception
-
wrap
byte[] wrap(org.mozilla.jss.crypto.PrivateKey priKey, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
Wraps data. The given key will be wrapped by the private key in this unit.
- Parameters:
priKey - private key to be wrapped
params - wrapping parameters
- Returns:
- wrapped data
- Throws:
EBaseException - failed to wrap
Exception
-
wrap
byte[] wrap(org.mozilla.jss.crypto.SymmetricKey symKey, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
Wraps data. The given key will be wrapped by the private key in this unit.
- Parameters:
symKey - symmetric key to be wrapped
params - wrapping parameters
- Returns:
- wrapped data
- Throws:
EBaseException - failed to wrap
Exception
-
decryptInternalPrivate
byte[] decryptInternalPrivate(byte[] wrappedPrivateData, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
Decrypts the internal private key (private key from the KRA's internal storage).
- Parameters:
wrappedPrivateData - unwrapped private key data (key to be recovered)
params - wrapping parameters
- Returns:
- raw private key
- Throws:
Exception
-
unwrap
org.mozilla.jss.crypto.SymmetricKey unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
Unwraps symmetric key data. This method rebuilds the symmetric key by unwrapping the private data blob.
- Parameters:
wrappedKeyData - symmetric key data wrapped up with session key
- Returns:
- Symmetric key object
- Throws:
Exception - failed to unwrap
-
unwrap
org.mozilla.jss.crypto.PrivateKey unwrap(byte[] privateKey, PublicKey pubKey, boolean temporary, org.mozilla.jss.netscape.security.util.WrappingParams params) throws Exception
Unwraps data. This method rebuilds the private key by unwrapping the private key data.
- Parameters:
privateKey - private key data
pubKey - public key object
temporary - temporary key?
params - wrapping parameters
- Returns:
- private key object
- Throws:
Exception
-
getWrappingParams
org.mozilla.jss.netscape.security.util.WrappingParams getWrappingParams(boolean encrypt) throws Exception
Get the wrapping parameters for this storage unit
- Throws:
Exception
-