
Class semper.crypto.CryptoMasterKey

java.lang.Object
   |
   +----semper.crypto.CryptoMasterKey

public class CryptoMasterKey
extends Object
This class provides functionality for creating a master key for the user in the first place and for retrieving it later. The master key is protected by a password, which is defined by the user when the master key is created, and which the user must enter when the master key is retrieved later on (interactions with the user are via the TINGUIN).

After the master key is retrieved as part of the initialisation of the crypto manager, it can be used freely by methods requiring other keys to be decrypted. Thus it is up to these methods to ensure that the master key is only used to recover keys that may be recovered.

The master key is implemented as a CryptoKeyInfo object. This object contains a key identifier (user specific), an algorithm identifier (DES) and the actual key value.


Constructor Index

 o CryptoMasterKey()
Empty constructor needed for notification of a change of password.
 o CryptoMasterKey(String)
Creates a masterkey either by reading it from archive if possible or by generating a new one.

Method Index

 o changePassword()
Changes the user password.
 o closeMasterKey()
Deletes the masterKey value from RAM.
 o finalize()
The finalizer overwrites the key value in the master key.
 o generateMasterKey()
Generates a new master key and protects it under password, which the user must define.
 o getKey()
Returns the master key of the crypto manager.
 o getMKFromArchive()
Gets masterkey if in archive.
 o loadMasterKey()
Gets masterkey if in archive and decrypts it using password from user.
 o verifyPassword(String)
Verifies a given password.
 o verifyPasswordAgainstMe(String)
Verifies user password (given a null password or a password of length 0 false will be returned).

Constructors

 o CryptoMasterKey
 public CryptoMasterKey()
Empty constructor needed for notification of a change of password.

 o CryptoMasterKey
 public CryptoMasterKey(String user)
Creates a masterkey either by reading it from archive if possible or by generating a new one. If the user already has a masterkey in archive this key is retrieved and decrypted under a password obtained from the user (via TINGUIN). If no key is in the archive the user is asked to select a password and a new key is generated and stored under the password.

Parameters:
user - identifies the user whose master key should be retrieved.
Returns:
void

Methods

 o getKey
 public CryptoKeyInfo getKey()
Returns the master key of the crypto manager. If the masterKey is not loaded null is returned. Must be protected by access control.

Returns:
masterKey handled by this CryptoMasterKey object.
 o closeMasterKey
 public void closeMasterKey()
Deletes the masterKey value from RAM. This function should always be called before the Crypto Manager is shut down. After this function has been performed, the master key cannot be used until it has been loaded again.

 o loadMasterKey
 public void loadMasterKey() throws CryptoManException, CryptoNoPassword, CryptoNoMasterKey
Gets masterkey if in archive and decrypts it using password from user. This function verifies that the master key stored in the archive belongs to the right user. Afterwards the masterKey is kept as an attribute in this object.

Throws: CryptoManException
if technical problems with the verification of the password
Throws: CryptoNoMasterKey
if no master key is in the archive
Throws: CryptoNoPassword
if the user failed to provide a correct password (in PASSWORD_LIMIT attempts)
 o getMKFromArchive
 public void getMKFromArchive() throws CryptoManException, CryptoNoMasterKey
Gets masterkey if in archive. Afterwards the masterKey is kept as an attribute in this object (the key value will still be encrypted).

Throws: CryptoManException
if technical problems with the verification of the password
Throws: CryptoNoMasterKey
if no master key is in the archive
 o verifyPasswordAgainstMe
 public boolean verifyPasswordAgainstMe(String password) throws CryptoManException
Verifies the user password against the master key already obtained from the archive (given a null password or a password of length 0, false will be returned). The key value in the master key must still be encrypted for the password to be verified.

Parameters:
password - is the suggested password
Returns:
true if a valid password is given, false otherwise.
Throws: CryptoManException
if the password could not be verified
 o verifyPassword
 public boolean verifyPassword(String password) throws CryptoManException
Verifies a given password.

Parameters:
password - contains the password to be verified
Returns:
true if the right password was entered
Throws: CryptoManException
if an error occurred during verification
 o generateMasterKey
 public boolean generateMasterKey() throws CryptoManException
Generates a new master key and protects it under password, which the user must define. This service generates a new master key and stores it in archive encrypted under a password defined by the user as part of this method. Furthermore, this service uses the TINGUIN for getting the password. The Module must have been initialised so that key generation works.

This service checks that there is no master key already. If there is, the operation is denied.

The masterkey is kept as an attribute with the key value in clear such that it can be used by the Crypto manager. In later sessions the master key can be retrieved from the archive using loadMasterKey.

Returns:
true if the service succeeded
Throws: CryptoManException
if problems with the archive
See Also:
loadMasterKey
 o changePassword
 public void changePassword()
Changes the user password. First asks for the old one. If it is correct, the user is asked to enter the new password twice. The masterkey is then encrypted under the new password and stored temporarily. The old version is deleted and the new one is moved to the right access name.

 o finalize
 protected void finalize()
The finalizer overwrites the key value in the master key.

Overrides:
finalize in class Object
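
The lifecycle this class documents (generate a master key, store it encrypted under a password, reject a wrong or empty password, re-encrypt on password change, wipe the clear value on close), shown as an added example that is not SEMPER code. The page names DES for the master key but does not say how the password protects it; PBKDF2-HMAC-SHA256 with AES-GCM, the record layout, the iteration count and every class and method name below are assumptions.

```java
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

public class MasterKeyWrapDemo {
    // Password -> key-encryption key via PBKDF2-HMAC-SHA256 (assumed; the page names no KDF).
    static SecretKeySpec kek(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 210_000, 256); // assumed work factor
        byte[] k = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        spec.clearPassword();
        SecretKeySpec key = new SecretKeySpec(k, "AES"); // SecretKeySpec keeps its own copy
        Arrays.fill(k, (byte) 0);
        return key;
    }

    // Archive record (layout constructed for this example): salt(16) || iv(12) || ciphertext+tag.
    static byte[] wrap(byte[] masterKey, char[] password) throws Exception {
        byte[] rec = new byte[28];
        new SecureRandom().nextBytes(rec); // fresh random salt and IV for every wrap
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, kek(password, Arrays.copyOf(rec, 16)), new GCMParameterSpec(128, rec, 16, 12));
        byte[] ct = c.doFinal(masterKey);
        return ByteBuffer.allocate(28 + ct.length).put(rec).put(ct).array();
    }

    // Returns the clear key, or null for an empty or wrong password (the GCM tag check fails).
    static byte[] unwrap(byte[] rec, char[] password) throws Exception {
        if (password == null || password.length == 0) return null;
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, kek(password, Arrays.copyOf(rec, 16)), new GCMParameterSpec(128, rec, 16, 12));
        try {
            return c.doFinal(rec, 28, rec.length - 28);
        } catch (AEADBadTagException e) { return null; }
    }

    public static void main(String[] args) throws Exception {
        byte[] mk = new byte[32];
        new SecureRandom().nextBytes(mk);                                    // generate
        byte[] archived = wrap(mk, "old pw".toCharArray());                  // store under password
        System.out.println(unwrap(archived, "guess".toCharArray()) == null); // wrong password rejected
        byte[] loaded = unwrap(archived, "old pw".toCharArray());            // load
        byte[] rewrapped = wrap(loaded, "new pw".toCharArray());             // change password
        System.out.println(Arrays.equals(mk, unwrap(rewrapped, "new pw".toCharArray())));
        Arrays.fill(loaded, (byte) 0);                                       // close: wipe clear key
        Arrays.fill(mk, (byte) 0);
    }
}
```

Passwords are held as char[] rather than String so they can be cleared, and the clear key is wiped explicitly rather than left to a finalizer, which the JVM is not guaranteed to run.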
