Package com.netscape.certsrv.security
Interface IStorageKeyUnit

All Superinterfaces: IEncryptionUnit, IToken

public interface IStorageKeyUnit extends IEncryptionUnit

An interface that represents a storage key unit. This storage unit contains a storage key pair that is used for encrypting the user private key for long-term storage.

Version: $Revision$, $Date$

Method Summary

boolean changeAgentMN(int n, int m, Credential[] oldcreds, Credential[] newcreds)
  Changes M-N recovery scheme.

boolean changeAgentPassword(java.lang.String id, java.lang.String oldpwd, java.lang.String newpwd)
  Changes agent password.

byte[] decryptInternalPrivate(byte[] wrappedPrivateData, org.mozilla.jss.netscape.security.util.WrappingParams params)
  Decrypts the internal private key (private key from the KRA's internal storage).

byte[] encryptInternalPrivate(byte[] rawPrivate, org.mozilla.jss.netscape.security.util.WrappingParams params)
  Encrypts the internal private key (private key to the KRA's internal storage).

java.util.Enumeration<java.lang.String> getAgentIdentifiers()
  Retrieves a list of agents in this unit.

int getNoOfAgents()
  Retrieves total number of recovery agents.

int getNoOfRequiredAgents()
  Retrieves number of recovery agents required to perform recovery operation.

org.mozilla.jss.crypto.CryptoToken getToken()

org.mozilla.jss.netscape.security.util.WrappingParams getWrappingParams(boolean encrypt)
  Get the wrapping parameters for this storage unit.

void login(Credential[] ac)
  Logs in to this unit.

void setNoOfRequiredAgents(int number)
  Sets the number of required recovery agents.

org.mozilla.jss.crypto.PrivateKey unwrap(byte[] privateKey, java.security.PublicKey pubKey, boolean temporary, org.mozilla.jss.netscape.security.util.WrappingParams params)
  Unwraps data.

org.mozilla.jss.crypto.SymmetricKey unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, org.mozilla.jss.netscape.security.util.WrappingParams params)
  Unwraps symmetric key data.

byte[] wrap(org.mozilla.jss.crypto.PrivateKey priKey, org.mozilla.jss.netscape.security.util.WrappingParams params)
  Wraps data.

byte[] wrap(org.mozilla.jss.crypto.SymmetricKey symKey, org.mozilla.jss.netscape.security.util.WrappingParams params)
  Wraps data.

Methods inherited from interface com.netscape.certsrv.security.IEncryptionUnit
  getOldWrappingParams, getPublicKey, unwrap_session_key, verify

Method Detail
-
getNoOfAgents
int getNoOfAgents() throws EBaseException
Retrieves total number of recovery agents.
Returns:
  total number of recovery agents
Throws:
  EBaseException
-
getNoOfRequiredAgents
int getNoOfRequiredAgents() throws EBaseException
Retrieves number of recovery agents required to perform recovery operation.
Returns:
  required number of recovery agents for recovery operation
Throws:
  EBaseException
-
setNoOfRequiredAgents
void setNoOfRequiredAgents(int number)
Sets the number of required recovery agents.
Parameters:
  number - number of required agents
-
getAgentIdentifiers
java.util.Enumeration<java.lang.String> getAgentIdentifiers()
Retrieves a list of agents in this unit.
Returns:
  a list of string-based agent identifiers
-
changeAgentPassword
boolean changeAgentPassword(java.lang.String id, java.lang.String oldpwd, java.lang.String newpwd) throws EBaseException
Changes agent password.
Parameters:
  id - agent id
  oldpwd - old password
  newpwd - new password
Returns:
  true if operation successful
Throws:
  EBaseException - failed to change password
-
changeAgentMN
boolean changeAgentMN(int n, int m, Credential[] oldcreds, Credential[] newcreds) throws EBaseException
Changes M-N recovery scheme.
Parameters:
  n - total number of agents
  m - required number of agents for recovery operation
  oldcreds - all old credentials
  newcreds - all new credentials
Returns:
  true if operation successful
Throws:
  EBaseException - failed to change schema
-
login
void login(Credential[] ac) throws EBaseException
Logs in to this unit.
Parameters:
  ac - agent's credentials
Throws:
  EBaseException - failed to login
-
getToken
org.mozilla.jss.crypto.CryptoToken getToken()
-
encryptInternalPrivate
byte[] encryptInternalPrivate(byte[] rawPrivate, org.mozilla.jss.netscape.security.util.WrappingParams params) throws java.lang.Exception
Encrypts the internal private key (private key to the KRA's internal storage).
Parameters:
  rawPrivate - user's private key (key to be archived)
  params - wrapping parameters
Returns:
  encrypted data
Throws:
  EBaseException - failed to encrypt
  java.lang.Exception
-
wrap
byte[] wrap(org.mozilla.jss.crypto.PrivateKey priKey, org.mozilla.jss.netscape.security.util.WrappingParams params) throws java.lang.Exception
Wraps data. The given key will be wrapped by the private key in this unit.
Parameters:
  priKey - private key to be wrapped
  params - wrapping parameters
Returns:
  wrapped data
Throws:
  EBaseException - failed to wrap
  java.lang.Exception
-
wrap
byte[] wrap(org.mozilla.jss.crypto.SymmetricKey symKey, org.mozilla.jss.netscape.security.util.WrappingParams params) throws java.lang.Exception
Wraps data. The given key will be wrapped by the private key in this unit.
Parameters:
  symKey - symmetric key to be wrapped
  params - wrapping parameters
Returns:
  wrapped data
Throws:
  EBaseException - failed to wrap
  java.lang.Exception
-
decryptInternalPrivate
byte[] decryptInternalPrivate(byte[] wrappedPrivateData, org.mozilla.jss.netscape.security.util.WrappingParams params) throws java.lang.Exception
Decrypts the internal private key (private key from the KRA's internal storage).
Parameters:
  wrappedPrivateData - unwrapped private key data (key to be recovered)
  params - wrapping parameters
Returns:
  raw private key
Throws:
  java.lang.Exception
-
unwrap
org.mozilla.jss.crypto.SymmetricKey unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize, org.mozilla.jss.netscape.security.util.WrappingParams params) throws java.lang.Exception
Unwraps symmetric key data. This method rebuilds the symmetric key by unwrapping the private data blob.
Parameters:
  wrappedKeyData - symmetric key data wrapped up with session key
Returns:
  Symmetric key object
Throws:
  java.lang.Exception - failed to unwrap
-
unwrap
org.mozilla.jss.crypto.PrivateKey unwrap(byte[] privateKey, java.security.PublicKey pubKey, boolean temporary, org.mozilla.jss.netscape.security.util.WrappingParams params) throws java.lang.Exception
Unwraps data. This method rebuilds the private key by unwrapping the private key data.
Parameters:
  privateKey - private key data
  pubKey - public key object
  temporary - temporary key?
  params - wrapping parameters
Returns:
  private key object
Throws:
  java.lang.Exception
-
getWrappingParams
org.mozilla.jss.netscape.security.util.WrappingParams getWrappingParams(boolean encrypt) throws java.lang.Exception
Get the wrapping parameters for this storage unit.
Throws:
  java.lang.Exception