All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class semper.crypto.CryptoKeyInfo

java.lang.Object
   |
   +----semper.crypto.CryptoKeyInfo

public class CryptoKeyInfo
extends Object
implements Serializable

CryptoKeyInfo implements a datastructure containing all keys used internally in SEMPER. Thus external modules do not need to use this structure unless they want to use the key inside SEMPER as well. See the overview for more details on this. A CryptoKeyInfo object contains the following information on a key:

a key identifier (this is an access name, which is also used when storing the key), the actual key value (an array of bytes),
a boolean indicating if the key value is encrypted,
if applicable an integer encoding the algorithm for which the key is to be used.

For some asymmetric keys part of the key is common to many key pairs. This is, for example, the case in ElGamal like systems (such as DSS), where the same prime and generator can be used by everyone. In order to avoid storing such a common part of the key several times a CryptoKeyInfo object may contain a pointer to the common part of the key.

Finally the object may contain a capability needed for access control to the key. This is not implemented yet, though.

Version:: $Revision: 1.43 $ $Date: 1998/07/06 09:01:52 $
Author:: Jesper Drud Nielsen ([email protected]), Torben Pryds Pedersen ([email protected]), Bjarke Dahl Ebert ([email protected])
See Also:: Statement

CryptoKeyInfo(): Creates a new, empty key information object.
CryptoKeyInfo(AccessName, byte[], CryptoKeyInfo, KeyType): Creates a new key information object with variables initialised by the parameters.
CryptoKeyInfo(AccessName, byte[], CryptoKeyInfo, KeyType, Object): Creates a new key information object with variables initialised by the parameters. Deprecated.
CryptoKeyInfo(CryptoKeyInfo): Creates a new object based on the values of a given one.

clearKeyId(): Deletes the key identifier from the object.
clearKeyVal(): Overwrites the value of the key in the object.
decryptKeyVal(CryptoKeyInfo): This service decrypts the key value under the key given.
encryptKeyVal(CryptoKeyInfo): This service encrypts the key value under the key given.
equals(Object): Compares the CryptoKeyInfo with another CryptoKeyInfo.
getAlg(): Find the algorithm for which this key can be used.
getCap(): Deprecated.
getCommonKey(): Returns the value of the common key of the object.
getCommonKeyInfo(): Returns the common key CryptoKeyInfo of the object.
getKeyId(): Returns the key identifier in the object.
getKeyVal(boolean, CryptoKeyInfo): Returns the key value stored in the object.
getLength(): Returns the block length for the conventional key.
keyFromPassword(String): Converts a password to a key.
printContents()
setAlg(KeyType): Sets the algorithm identifier of the object
setCap(Object): Sets the capability of the object if allowed by the present capability. Deprecated.
setCommonKeyInfo(CryptoKeyInfo): Sets the common key of the object.
setKeyId(AccessName): Defines the key identifier in the object.
setKeyVal(byte[]): Sets the actual key value of the object.
storeKeyVal(Date, boolean, CryptoKeyInfo): Store and protect a key.
toString(): Prints the key and common key value as a String

CryptoKeyInfo

 public CryptoKeyInfo()

Creates a new, empty key information object.

CryptoKeyInfo

 public CryptoKeyInfo(CryptoKeyInfo oldKeyInfo)

Creates a new object based on the values of a given one.

Parameters:: oldKeyInfo - is used to a new CryptokeyInfo object.

CryptoKeyInfo

 public CryptoKeyInfo(AccessName newKeyId,
                      byte newKeyVal[],
                      CryptoKeyInfo newCommon,
                      KeyType newAlgId,
                      Object newCapability)

Note: CryptoKeyInfo() is deprecated. Since the access block is no longer used, the newCapability parameter is obsolete. Use constructor without this parameter instead.

Creates a new key information object with variables initialised by the parameters. The supplied key value must not be encrypted.

Parameters:: newKeyID - is the identity of the key; newKeyVal - is the actual key value; newCommon - is the common part of the new key (see above); newAlgId - identifies the algorithm for which the key can be used; newCapability - is the capability for protecting the key
Returns:: the new key information object

CryptoKeyInfo

 public CryptoKeyInfo(AccessName newKeyId,
                      byte newKeyVal[],
                      CryptoKeyInfo newCommon,
                      KeyType newAlgId)

Creates a new key information object with variables initialised by the parameters. The supplied key value must not be encrypted.

Parameters:: newKeyID - is the identity of the key; newKeyVal - is the actual key value; newCommon - is the common part of the new key (see above); newAlgId - identifies the algorithm for which the key can be used
Returns:: the new key information object

getKeyVal

 public byte[] getKeyVal(boolean decryptedKey,
                         CryptoKeyInfo masterKey) throws CryptoManException

Returns the key value stored in the object. If necessary the archive is used to retrieve it. This function will decrypt the key if it is encrypted en decryption is explicitly requested. If a user wants to the entire CryptokeyInfo object it can be retrieved immediately from the archive withou this function (given the key identifier).

Parameters:: decryptedKey - if true the key will be decrypted (only if it is encrypted); masterKey - is the key under which the key should be decrypted (if null the masterKey of CryptoMan will be used).
Returns:: an array of bytes containing a copy of the actual key
Throws: CryptoManException: if the capability is locked or problems with archive occur
See Also:: storeKeyVal

getCommonKey

 public byte[] getCommonKey() throws CryptoManException

Returns the value of the common key of the object. If necessary the archive is used to retrieve it. No master key is needed as the common key is not protected.

Returns:: key value of the common key
Throws: CryptoManException: if the common key value could not be retrieved

getCommonKeyInfo

 public CryptoKeyInfo getCommonKeyInfo()

Returns the common key CryptoKeyInfo of the object. See the overview for more details on this.

Returns:: the common key object

setCommonKeyInfo

 public void setCommonKeyInfo(CryptoKeyInfo newComKeyInfo)

Sets the common key of the object. See the overview for more details on this.

Parameters:: newComKeyInfo - is the new common key of the object
Returns:: void

setCap

 public void setCap(Object newCapability)

Note: setCap() is deprecated. no longer using the access block

Sets the capability of the object if allowed by the present capability.

Parameters:: newCapabiity - is the new capability of the object
Returns:: void
Throws: CryptoManException: if the old capability could not be unlocked

getAlg

 public KeyType getAlg()

Find the algorithm for which this key can be used.

Returns:: the algorithm identifier corresponding to the key information object

setAlg

 public void setAlg(KeyType newAlgId)

Sets the algorithm identifier of the object

Parameters:: newAlgId - is the new algorithm identifier.

getCap

 public Object getCap()

Note: getCap() is deprecated. no longer using the access block

Returns:: the capability identifier corresponding to the key information object

clearKeyId

 public void clearKeyId()

Deletes the key identifier from the object. Since the key identifier is a local handle, this may be useful if the KeyInfo object is part of Statement which is communicatd to another enntity.

setKeyId

 public void setKeyId(AccessName newKeyId)

Defines the key identifier in the object. This may be useful if a Statement is received from nother party and the recipient want to store it. The key identifier should never be changed for an already stored key! Be careful using this function, as the Statement Manager for the moment expects the default names.

Parameters:: newKeyId - is the new value of the key identifier

getKeyId

 public AccessName getKeyId()

Returns the key identifier in the object.

Returns:: the key identifier

encryptKeyVal

 public boolean encryptKeyVal(CryptoKeyInfo masterKey) throws CryptoManException

This service encrypts the key value under the key given. If a null key is given the master key of the CryptoMan is used. If the key value is already encrypted nothing is done and the method returns false.

Parameters:: masterKey - is the key encryption key (if null masterKey of CryptoMan will be used)
Returns:: false if the key was already encrypted. True otherwise.
Throws: CryptoManException: if problems with archive or encryption
See Also:: getKeyVal

decryptKeyVal

 public void decryptKeyVal(CryptoKeyInfo masterKey) throws CryptoManException, CryptoDecryptionError, CryptoBadRedundancy

This service decrypts the key value under the key given. If a null key is given the master key of the CryptoMan is used. The service returns true if the correct key was obtained (based on redundance in the encrypted key). encrypted nothing is done an the method returns false.

Parameters:: masterKey - is the key encryption key (if null masterKey of CryptoMan will be used)
Throws: CryptoManException: if problems with archive or encryption
Throws: CryptoDecryptionError: if decryption of the key failed
Throws: CryptoBadRedundancy: if the recovered plain text does not contain proper redundancy
See Also:: getKeyVal

keyFromPassword

 public void keyFromPassword(String password) throws CryptoManException

Converts a password to a key. Given a password as a string a CryptoKeyInfo object corresponding to this password is created. This method requires that the password has length > 0.

Parameters:: the - password
Throws: CryptoManException: if key can't be created

storeKeyVal

 public void storeKeyVal(Date expDate,
                         boolean encryptKey,
                         CryptoKeyInfo masterKey) throws CryptoManException

Store and protect a key. If an expiration date is given as parameter the key value is stored in archive before being deleted. If requested the key is encrypted before being stored. Note that this method works on the given object - not a copy. The key is stored using the keyId as access name. Currently an exception is raised if the key had been stored previously.

Parameters:: expDate - tells for how long the key must be stored in archive; encryptKey - tells if the key should be encrypted before storage, if not, it will be done by the Archive.; masterKey - is the key encryption key (if null masterKey of CryptoMan will be used)
Throws: CryptoManException: if problems with archive or encryption
See Also:: getKeyVal

clearKeyVal

 public void clearKeyVal()

Overwrites the value of the key in the object. Should be used, but with with care. Once, the key value is cleared it cannot be recovered.

setKeyVal

 public void setKeyVal(byte newKeyVal[]) throws CryptoManException

Sets the actual key value of the object. Can be used to clear the key value of a CryptoKeyInfo object. It is assumed that the key is in clear

Parameters:: newKeyVal - is the new key value to be associated with this object
Returns:: void
Throws: CryptoManException: if the capability could not be unlocked

getLength

 public int getLength()

Returns the block length for the conventional key.

Returns:: the block length

equals

 public boolean equals(Object object)

Compares the CryptoKeyInfo with another CryptoKeyInfo. the current implementation just verifies if the two object have the same key identifier (as this should be unique).

Parameters:: object - is the CryptoKeyInfo with which to compare
Returns:: true iff keyId's and keyVals match false otherwise.
Overrides:: equals in class Object

toString

 public String toString()

Prints the key and common key value as a String

Overrides:: toString in class Object

printContents

 public void printContents()

All Packages  Class Hierarchy  This Package  Previous  Next  Index