Package com.netscape.certsrv.kra
Interface IKeyService
public interface IKeyService
An interface representing a recovery service.
- Version: $Revision$, $Date$

Method Summary
Modifier and Type, Method, Description

- void addAgentAsyncKeyRecovery(String reqID, String agentID)
  Adds an approving agent in asynchronous key recovery.
- void addDistributedCredential(String recoveryID, String uid, String pwd)
  Adds password in the distributed recovery operation.
- createRecoveryParams(String recoveryID)
  Creates recovery parameters for the given recovery operation.
- void destroyRecoveryParams(String recoveryID)
  Destroys recovery parameters for the given recovery operation.
- byte[] doKeyRecovery(String reqID, String password)
  Asynchronously recovers key for administrators.
- byte[] doKeyRecovery(BigInteger kid, Credential[] creds, String pwd, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, String delivery, String nickname, String agent)
  Performs administrator-initiated key recovery.
- getDistributedCredentials(String recoveryID)
  Retrieves credentials in the distributed recovery operation.
- getInitAgentAsyncKeyRecovery(String reqID)
  Gets the agent that initiated the async recovery request.
- int getNoOfRequiredAgents()
  Retrieves the number of agents required to perform a key recovery operation.
- String getRecoveryID()
  Retrieves recovery identifier.
- getRecoveryParams(String recoveryID)
  Retrieves recovery parameters for the given recovery operation.
- String initAsyncKeyRecovery(BigInteger kid, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, String agent, String realm)
  Initiates asynchronous key recovery.
- boolean isApprovedAsyncKeyRecovery(String reqID)
  Checks whether the async recovery request status is APPROVED, i.e. all required recovery agents have approved.

Method Details

getNoOfRequiredAgents
Retrieves the number of agents required to perform a key recovery operation.
- Returns: number of required recovery agents
- Throws: EBaseException - failed to retrieve value

isApprovedAsyncKeyRecovery
Checks whether the async recovery request status is APPROVED, i.e. the required number of recovery agents have approved.
- Parameters:
  reqID - request id
- Returns: true if the required number of recovery agents approved; false otherwise
- Throws: EBaseException

getInitAgentAsyncKeyRecovery
Gets the agent that initiated the async recovery request.
- Parameters:
  reqID - request id
- Returns: agentUID
- Throws: EBaseException

initAsyncKeyRecovery
String initAsyncKeyRecovery(BigInteger kid, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, String agent, String realm) throws EBaseException
Initiates asynchronous key recovery.
- Parameters:
  kid - key identifier
  cert - certificate embedded in PKCS12
  agent - agent requesting recovery
  realm - authorization realm
- Returns: requestId
- Throws: EBaseException - failed to initiate async recovery

addAgentAsyncKeyRecovery
Adds an approving agent in asynchronous key recovery.
- Parameters:
  reqID - request id
  agentID - agent id
- Throws: EBaseException - failed to initiate async recovery

doKeyRecovery
byte[] doKeyRecovery(BigInteger kid, Credential[] creds, String pwd, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, String delivery, String nickname, String agent) throws EBaseException
Performs administrator-initiated key recovery.
- Parameters:
  kid - key identifier
  creds - list of credentials (id and password)
  pwd - password to protect PKCS12
  cert - certificate embedded in PKCS12
  delivery - delivery mechanism
- Returns: pkcs12
- Throws: EBaseException - failed to perform recovery

doKeyRecovery
Asynchronously recovers key for administrators. This method is invoked by the agent operation of the key recovery servlet.
- signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever a user private key recovery request is made (this is when the DRM receives the request)
- signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever a user private key recovery request is processed (this is when the DRM processes the request)
- Parameters:
  reqID - request id
  password - password of the PKCS12 package subsystem
- Returns: a byte array containing the key
- Throws: EBaseException - failed to recover key

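Added example (not code from the PKI project): a caller-side gate that uses only methods documented on this page to refuse the asynchronous doKeyRecovery unless the request is APPROVED, and, as a policy chosen for this example, unless the caller is the agent that initiated it. It assumes getInitAgentAsyncKeyRecovery returns the agent UID as a String, getNoOfRequiredAgents takes no arguments, EBaseException lives in com.netscape.certsrv.base, and the PKI server classes are on the classpath; the class name AsyncRecoveryGate and its method names are hypothetical.

```java
import java.util.Arrays;

import com.netscape.certsrv.base.EBaseException; // assumed package
import com.netscape.certsrv.kra.IKeyService;

/** Added example, not project code: gate in front of the async doKeyRecovery. */
public final class AsyncRecoveryGate {

    private final IKeyService kra;

    public AsyncRecoveryGate(IKeyService kra) {
        this.kra = kra;
    }

    /**
     * Returns the PKCS #12 bytes for reqID, or throws SecurityException if the
     * caller did not initiate the request or approvals are still missing.
     */
    public byte[] retrieve(String reqID, String callerUID, String p12Password)
            throws EBaseException {
        // Assumption: the initiating agent's UID comes back as a String.
        String initiator = kra.getInitAgentAsyncKeyRecovery(reqID);
        if (initiator == null || !initiator.equals(callerUID)) {
            throw new SecurityException(
                    "caller is not the initiating agent of request " + reqID);
        }
        // True only once the required number of recovery agents approved.
        if (!kra.isApprovedAsyncKeyRecovery(reqID)) {
            throw new SecurityException("request " + reqID + " is not APPROVED; "
                    + kra.getNoOfRequiredAgents() + " agent approvals are required");
        }
        byte[] pkcs12 = kra.doKeyRecovery(reqID, p12Password);
        if (pkcs12 == null || pkcs12.length == 0) {
            throw new IllegalStateException(
                    "recovery returned no data for request " + reqID);
        }
        return pkcs12;
    }

    /** Overwrites the recovered key material once it has been delivered. */
    public static void wipe(byte[] pkcs12) {
        if (pkcs12 != null) {
            Arrays.fill(pkcs12, (byte) 0);
        }
    }
}
```
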
getRecoveryID
String getRecoveryID()
Retrieves recovery identifier.
- Returns: recovery id

createRecoveryParams
Creates recovery parameters for the given recovery operation.
- Parameters:
  recoveryID - recovery id
- Returns: recovery parameters
- Throws: EBaseException - failed to create

destroyRecoveryParams
Destroys recovery parameters for the given recovery operation.
- Parameters:
  recoveryID - recovery id
- Throws: EBaseException - failed to destroy

getRecoveryParams
Retrieves recovery parameters for the given recovery operation.
- Parameters:
  recoveryID - recovery id
- Returns: recovery parameters
- Throws: EBaseException - failed to retrieve

addDistributedCredential
Adds password in the distributed recovery operation.
- Parameters:
  recoveryID - recovery id
  uid - agent uid
  pwd - agent password
- Throws: EBaseException - failed to add

getDistributedCredentials
Retrieves credentials in the distributed recovery operation.
- Parameters:
  recoveryID - recovery id
- Returns: agent's credentials
- Throws: EBaseException - failed to retrieve