Interface IKeyService


public interface IKeyService
An interface representing a recovery service.

Version:
$Revision$, $Date$
  • Method Details

    • getNoOfRequiredAgents

      int getNoOfRequiredAgents() throws EBaseException
      Retrieves number of agent required to perform key recovery operation.
      Returns:
      number of required recovery agents
      Throws:
      EBaseException - failed to retrieve value
    • isApprovedAsyncKeyRecovery

      boolean isApprovedAsyncKeyRecovery(String reqID) throws EBaseException
      is async recovery request status APPROVED - i.e. all required # of recovery agents approved
      Parameters:
      reqID - request id
      Returns:
      true if # of recovery required agents approved; false otherwise
      Throws:
      EBaseException
    • getInitAgentAsyncKeyRecovery

      String getInitAgentAsyncKeyRecovery(String reqID) throws EBaseException
      get async recovery request initiating agent
      Parameters:
      reqID - request id
      Returns:
      agentUID
      Throws:
      EBaseException
    • initAsyncKeyRecovery

      String initAsyncKeyRecovery(BigInteger kid, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, String agent, String realm) throws EBaseException
      Initiate asynchronous key recovery
      Parameters:
      kid - key identifier
      cert - certificate embedded in PKCS12
      agent - agent requesting recovery
      realm - authorization realm
      Returns:
      requestId
      Throws:
      EBaseException - failed to initiate async recovery
    • addAgentAsyncKeyRecovery

      void addAgentAsyncKeyRecovery(String reqID, String agentID) throws EBaseException
      add approving agent in asynchronous key recovery
      Parameters:
      reqID - request id
      agentID - agent id
      Throws:
      EBaseException - failed to initiate async recovery
    • doKeyRecovery

      byte[] doKeyRecovery(BigInteger kid, Credential[] creds, String pwd, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, String delivery, String nickname, String agent) throws EBaseException
      Performs administrator-initiated key recovery.
      Parameters:
      kid - key identifier
      creds - list of credentials (id and password)
      pwd - password to protect PKCS12
      cert - certificate embedded in PKCS12
      delivery - delivery mechanism
      Returns:
      pkcs12
      Throws:
      EBaseException - failed to perform recovery
    • doKeyRecovery

      byte[] doKeyRecovery(String reqID, String password) throws EBaseException
      Async Recovers key for administrators. This method is invoked by the agent operation of the key recovery servlet.

      • signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever a user private key recovery request is made (this is when the DRM receives the request)
      • signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever a user private key recovery request is processed (this is when the DRM processes the request)
      Parameters:
      reqID - request id
      password - password of the PKCS12 package subsystem
      Returns:
      a byte array containing the key
      Throws:
      EBaseException - failed to recover key
    • getRecoveryID

      String getRecoveryID()
      Retrieves recovery identifier.
      Returns:
      recovery id
    • createRecoveryParams

      Hashtable<String,Object> createRecoveryParams(String recoveryID) throws EBaseException
      Creates recovery parameters for the given recovery operation.
      Parameters:
      recoveryID - recovery id
      Returns:
      recovery parameters
      Throws:
      EBaseException - failed to create
    • destroyRecoveryParams

      void destroyRecoveryParams(String recoveryID) throws EBaseException
      Destroys recovery parameters for the given recovery operation.
      Parameters:
      recoveryID - recovery id
      Throws:
      EBaseException - failed to destroy
    • getRecoveryParams

      Hashtable<String,Object> getRecoveryParams(String recoveryID) throws EBaseException
      Retrieves recovery parameters for the given recovery operation.
      Parameters:
      recoveryID - recovery id
      Returns:
      recovery parameters
      Throws:
      EBaseException - failed to retrieve
    • addDistributedCredential

      void addDistributedCredential(String recoveryID, String uid, String pwd) throws EBaseException
      Adds password in the distributed recovery operation.
      Parameters:
      recoveryID - recovery id
      uid - agent uid
      pwd - agent password
      Throws:
      EBaseException - failed to add
    • getDistributedCredentials

      Credential[] getDistributedCredentials(String recoveryID) throws EBaseException
      Retrieves credentials in the distributed recovery operation.
      Parameters:
      recoveryID - recovery id
      Returns:
      agent's credentials
      Throws:
      EBaseException - failed to retrieve