Class semper.crypto.CryptoMasterKey

java.lang.Object
   |
   +----semper.crypto.CryptoMasterKey

public class CryptoMasterKey
extends Object
implements CryptoConstants
This class provides functionality for creating a master key for the user in the first place and for retrieving it later. The master key is protected by a password, which the user defines when the master key is created and must enter again when the master key is retrieved later on (interactions with the user are via the TINGUIN).

After the master key is retrieved as part of the initialisation of the crypto manager, it can be used freely by methods that require other keys to be decrypted. It is therefore up to these methods to ensure that the master key is only used to recover keys that may be recovered.

The master key is implemented as a CryptoKeyInfo object. This object contains a key identifier (user-specific), an algorithm identifier (DES) and the actual key value.


Constructor Index

 o CryptoMasterKey(String)
Creates a master key either by reading it from the archive if possible or by generating a new one.

Method Index

 o generateMasterKey(CryptoKeyInfo)
Generates a new master key and protects it under a password, which the user must define.
 o loadMasterKey(CryptoKeyInfo)
Gets the master key if it is in the archive.

Constructors

 o CryptoMasterKey
  public CryptoMasterKey(String user)
Creates a master key either by reading it from the archive if possible or by generating a new one. If the user already has a master key in the archive, this key is retrieved and decrypted under a password obtained from the user (via TINGUIN). If no key is in the archive, the user is asked to select a password, and a new key is generated and stored under the password.
Parameters:
user - identifies the user whose master key should be retrieved.
Returns:
void

Methods

 o loadMasterKey
  public int loadMasterKey(CryptoKeyInfo newMasterKey) throws CryptoManException
Gets the master key if it is in the archive and decrypts it using a password from the user. This function verifies that the master key stored in the archive belongs to the right user.
Parameters:
newMasterKey - contains the retrieved master key
Returns:
integer encoding the possible outcomes: RC_OK if everything is ok, RC_NO_MK if no master key is in the archive and RC_NO_PW if the user failed to provide a correct password (in PASSWORD_LIMIT attempts)
Throws: CryptoManException
if technical problems occur during the verification of the password
 o generateMasterKey
  public boolean generateMasterKey(CryptoKeyInfo newMasterKey) throws CryptoManException
Generates a new master key and protects it under a password, which the user must define. This service generates a new master key and stores it in the archive, encrypted under a password that the user defines as part of this method; the password is obtained via the TINGUIN. The module must have been initialised so that key generation works.

This service checks that there is no master key already. If there is, the operation is denied.

The master key is returned with the key value in clear so that it can be used by the crypto manager. In later sessions the master key can be retrieved from the archive using loadMasterKey.

Parameters:
newMasterKey - contains the newly generated master key
Returns:
true if the service succeeded
Throws: CryptoManException
if there are problems with the archive
See Also:
loadMasterKey
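
A sketch of the generate-then-load flow documented above, as an added Java example rather than SEMPER's own code: PBKDF2 and AES-GCM stand in for the DES named on this page, and the user id is bound as associated data so that a record filed under another user fails to decrypt. The numeric return-code values, `PASSWORD_LIMIT = 3`, the in-memory archive map and the password iterator standing in for the TINGUIN prompt are assumptions.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;
// Added sketch, not SEMPER code. RC_* names are from the page; their values, PASSWORD_LIMIT = 3,
// the map used as archive and the password iterator (in place of TINGUIN) are assumptions.
public class MasterKeySketch {
    static final int RC_OK = 0, RC_NO_MK = 1, RC_NO_PW = 2, PASSWORD_LIMIT = 3;
    static final Map<String, byte[][]> ARCHIVE = new HashMap<>(); // user -> {salt, iv, wrapped key}
    static final SecureRandom RNG = new SecureRandom();
    // PBKDF2 + AES-GCM replace the page's DES here; the user id is authenticated as AAD.
    static Cipher cipher(int mode, String user, char[] pw, byte[] salt, byte[] iv) throws Exception {
        byte[] kek = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(new PBEKeySpec(pw, salt, 600_000, 256)).getEncoded();
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, new SecretKeySpec(kek, "AES"), new GCMParameterSpec(128, iv));
        c.updateAAD(user.getBytes(StandardCharsets.UTF_8));
        return c;
    }

    static boolean generateMasterKey(String user, char[] pw, byte[] out) throws Exception {
        if (ARCHIVE.containsKey(user)) return false; // a master key already exists: deny
        byte[] salt = new byte[16], iv = new byte[12];
        RNG.nextBytes(salt); RNG.nextBytes(iv); RNG.nextBytes(out); // out = new key in clear
        ARCHIVE.put(user, new byte[][] {salt, iv, cipher(Cipher.ENCRYPT_MODE, user, pw, salt, iv).doFinal(out)});
        return true;
    }

    static int loadMasterKey(String user, Iterator<char[]> pws, byte[] out) throws Exception {
        byte[][] rec = ARCHIVE.get(user);
        if (rec == null) return RC_NO_MK;
        for (int i = 0; i < PASSWORD_LIMIT && pws.hasNext(); i++) {
            try {
                byte[] mk = cipher(Cipher.DECRYPT_MODE, user, pws.next(), rec[0], rec[1]).doFinal(rec[2]);
                System.arraycopy(mk, 0, out, 0, mk.length);
                return RC_OK;
            } catch (AEADBadTagException e) { /* wrong password or wrong user: next attempt */ }
        }
        return RC_NO_PW;
    }

    public static void main(String[] args) throws Exception {
        byte[] mk = new byte[32], got = new byte[32];
        List<char[]> tries = List.of("wrong".toCharArray(), "constructed sample password".toCharArray());
        System.out.println("generate: " + generateMasterKey("alice", tries.get(1), mk));
        System.out.println("alice: " + loadMasterKey("alice", tries.iterator(), got) + " match=" + Arrays.equals(mk, got));
        ARCHIVE.put("bob", ARCHIVE.get("alice")); // record copied to another user fails the binding
        System.out.println("bob: " + loadMasterKey("bob", tries.iterator(), got));
    }
}
```

In this sketch a failed user binding is indistinguishable from a wrong password and counts against the attempt limit; the page does not say which outcome the original method reports in that case.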
