Class semper.crypto.CryptoKeyInfo

java.lang.Object
   |
   +----semper.crypto.CryptoKeyInfo

public class CryptoKeyInfo
extends Object
implements Serializable
CryptoKeyInfo implements a data structure containing all keys used internally in SEMPER. External modules therefore do not need to use this structure unless they want to use the key inside SEMPER as well. See the overview for more details on this. A CryptoKeyInfo object contains the following information on a key:

For some asymmetric keys, part of the key is common to many key pairs. This is, for example, the case in ElGamal-like systems (such as DSS), where the same prime and generator can be used by everyone. To avoid storing such a common part of the key several times, a CryptoKeyInfo object may contain a pointer to the common part of the key.

Finally the object may contain a capability needed for access control to the key. This is not implemented yet, though.
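The shared common part described above can be illustrated with the standard Java DSA classes. This is an added example, not SEMPER code: the `KeyRecord` type, the key names and the sample message are hypothetical, and it assumes Java 16 or later.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAParameterSpec;
import java.security.spec.DSAPublicKeySpec;

public class SharedDomainParamsDemo {
    // Hypothetical record: the per-key value y plus a reference to the shared (p, q, g).
    record KeyRecord(String id, BigInteger y, DSAParameterSpec common) {}

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
        kpg.initialize(2048);
        KeyPair first = kpg.generateKeyPair();

        // Extract the common part (prime p, subprime q, generator g) from the first key.
        DSAParams params = ((DSAPublicKey) first.getPublic()).getParams();
        DSAParameterSpec common =
            new DSAParameterSpec(params.getP(), params.getQ(), params.getG());

        // The second key pair is generated over the same domain parameters.
        kpg.initialize(common);
        KeyPair second = kpg.generateKeyPair();

        // Both records point at one stored copy of the common part.
        KeyRecord a = new KeyRecord("key-a", ((DSAPublicKey) first.getPublic()).getY(), common);
        KeyRecord b = new KeyRecord("key-b", ((DSAPublicKey) second.getPublic()).getY(), common);

        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withDSA");
        signer.initSign(second.getPrivate());
        signer.update(msg);
        byte[] sig = signer.sign();

        // A usable public key is rebuilt from the per-key part and the common part.
        PublicKey rebuilt = KeyFactory.getInstance("DSA").generatePublic(
            new DSAPublicKeySpec(b.y(), b.common().getP(), b.common().getQ(), b.common().getG()));
        Signature verifier = Signature.getInstance("SHA256withDSA");
        verifier.initVerify(rebuilt);
        verifier.update(msg);

        System.out.println("common part stored once: " + (a.common() == b.common()));
        System.out.println("signature verifies with rebuilt key: " + verifier.verify(sig));
    }
}
```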

Version:
$Revision: 1.43 $ $Date: 1998/07/06 09:01:52 $
Author:
Jesper Drud Nielsen (drud@cryptomathic.dk), Torben Pryds Pedersen (tpp@cryptomathic.dk), Bjarke Dahl Ebert (bde@cryptomathic.dk)
See Also:
Statement

Constructor Index

 o CryptoKeyInfo()
Creates a new, empty key information object.
 o CryptoKeyInfo(AccessName, byte[], CryptoKeyInfo, KeyType)
Creates a new key information object with variables initialised by the parameters.
 o CryptoKeyInfo(AccessName, byte[], CryptoKeyInfo, KeyType, Object)
Creates a new key information object with variables initialised by the parameters. Deprecated.
 o CryptoKeyInfo(CryptoKeyInfo)
Creates a new object based on the values of a given one.

Method Index

 o clearKeyId()
Deletes the key identifier from the object.
 o clearKeyVal()
Overwrites the value of the key in the object.
 o decryptKeyVal(CryptoKeyInfo)
This service decrypts the key value under the key given.
 o encryptKeyVal(CryptoKeyInfo)
This service encrypts the key value under the key given.
 o equals(Object)
Compares the CryptoKeyInfo with another CryptoKeyInfo.
 o getAlg()
Find the algorithm for which this key can be used.
 o getCap()
Deprecated.
 o getCommonKey()
Returns the value of the common key of the object.
 o getCommonKeyInfo()
Returns the common key CryptoKeyInfo of the object.
 o getKeyId()
Returns the key identifier in the object.
 o getKeyVal(boolean, CryptoKeyInfo)
Returns the key value stored in the object.
 o getLength()
Returns the block length for the conventional key.
 o keyFromPassword(String)
Converts a password to a key.
 o printContents()
 o setAlg(KeyType)
Sets the algorithm identifier of the object
 o setCap(Object)
Sets the capability of the object if allowed by the present capability. Deprecated.
 o setCommonKeyInfo(CryptoKeyInfo)
Sets the common key of the object.
 o setKeyId(AccessName)
Defines the key identifier in the object.
 o setKeyVal(byte[])
Sets the actual key value of the object.
 o storeKeyVal(Date, boolean, CryptoKeyInfo)
Store and protect a key.
 o toString()
Prints the key and common key value as a String

Constructors

 o CryptoKeyInfo
 public CryptoKeyInfo()
Creates a new, empty key information object.

 o CryptoKeyInfo
 public CryptoKeyInfo(CryptoKeyInfo oldKeyInfo)
Creates a new object based on the values of a given one.

Parameters:
oldKeyInfo - is used to create a new CryptoKeyInfo object.
 o CryptoKeyInfo
 public CryptoKeyInfo(AccessName newKeyId,
                      byte newKeyVal[],
                      CryptoKeyInfo newCommon,
                      KeyType newAlgId,
                      Object newCapability)
Note: CryptoKeyInfo() is deprecated. Since the access block is no longer used, the newCapability parameter is obsolete. Use the constructor without this parameter instead.

Creates a new key information object with variables initialised by the parameters. The supplied key value must not be encrypted.

Parameters:
newKeyId - is the identity of the key
newKeyVal - is the actual key value
newCommon - is the common part of the new key (see above)
newAlgId - identifies the algorithm for which the key can be used
newCapability - is the capability for protecting the key
Returns:
the new key information object
 o CryptoKeyInfo
 public CryptoKeyInfo(AccessName newKeyId,
                      byte newKeyVal[],
                      CryptoKeyInfo newCommon,
                      KeyType newAlgId)
Creates a new key information object with variables initialised by the parameters. The supplied key value must not be encrypted.

Parameters:
newKeyId - is the identity of the key
newKeyVal - is the actual key value
newCommon - is the common part of the new key (see above)
newAlgId - identifies the algorithm for which the key can be used
Returns:
the new key information object

Methods

 o getKeyVal
 public byte[] getKeyVal(boolean decryptedKey,
                         CryptoKeyInfo masterKey) throws CryptoManException
Returns the key value stored in the object. If necessary the archive is used to retrieve it. This function will decrypt the key if it is encrypted and decryption is explicitly requested. If a user wants the entire CryptoKeyInfo object, it can be retrieved immediately from the archive without this function (given the key identifier).

Parameters:
decryptedKey - if true the key will be decrypted (only if it is encrypted)
masterKey - is the key under which the key should be decrypted (if null the masterKey of CryptoMan will be used).
Returns:
an array of bytes containing a copy of the actual key
Throws: CryptoManException
if the capability is locked or problems with archive occur
See Also:
storeKeyVal
 o getCommonKey
 public byte[] getCommonKey() throws CryptoManException
Returns the value of the common key of the object. If necessary the archive is used to retrieve it. No master key is needed as the common key is not protected.

Returns:
key value of the common key
Throws: CryptoManException
if the common key value could not be retrieved
 o getCommonKeyInfo
 public CryptoKeyInfo getCommonKeyInfo()
Returns the common key CryptoKeyInfo of the object. See the overview for more details on this.

Returns:
the common key object
 o setCommonKeyInfo
 public void setCommonKeyInfo(CryptoKeyInfo newComKeyInfo)
Sets the common key of the object. See the overview for more details on this.

Parameters:
newComKeyInfo - is the new common key of the object
Returns:
void
 o setCap
 public void setCap(Object newCapability)
Note: setCap() is deprecated. The access block is no longer used.

Sets the capability of the object if allowed by the present capability.

Parameters:
newCapability - is the new capability of the object
Returns:
void
Throws: CryptoManException
if the old capability could not be unlocked
 o getAlg
 public KeyType getAlg()
Find the algorithm for which this key can be used.

Returns:
the algorithm identifier corresponding to the key information object
 o setAlg
 public void setAlg(KeyType newAlgId)
Sets the algorithm identifier of the object.

Parameters:
newAlgId - is the new algorithm identifier.
 o getCap
 public Object getCap()
Note: getCap() is deprecated. The access block is no longer used.

Returns:
the capability identifier corresponding to the key information object
 o clearKeyId
 public void clearKeyId()
Deletes the key identifier from the object. Since the key identifier is a local handle, this may be useful if the KeyInfo object is part of a Statement which is communicated to another entity.

 o setKeyId
 public void setKeyId(AccessName newKeyId)
Defines the key identifier in the object. This may be useful if a Statement is received from another party and the recipient wants to store it. The key identifier should never be changed for an already stored key! Be careful using this function, as the Statement Manager for the moment expects the default names.

Parameters:
newKeyId - is the new value of the key identifier
 o getKeyId
 public AccessName getKeyId()
Returns the key identifier in the object.

Returns:
the key identifier
 o encryptKeyVal
 public boolean encryptKeyVal(CryptoKeyInfo masterKey) throws CryptoManException
This service encrypts the key value under the key given. If a null key is given the master key of the CryptoMan is used. If the key value is already encrypted nothing is done and the method returns false.

Parameters:
masterKey - is the key encryption key (if null masterKey of CryptoMan will be used)
Returns:
false if the key was already encrypted. True otherwise.
Throws: CryptoManException
if problems with archive or encryption
See Also:
getKeyVal
 o decryptKeyVal
 public void decryptKeyVal(CryptoKeyInfo masterKey) throws CryptoManException, CryptoDecryptionError, CryptoBadRedundancy
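This service decrypts the key value under the key given. If a null key is given the master key of the CryptoMan is used. The service returns true if the correct key was obtained (based on redundancy in the encrypted key). encrypted nothing is done and the method returns false. Note that the signature above declares the method void: a failed decryption is reported through CryptoDecryptionError and missing redundancy through CryptoBadRedundancy, not through a return value.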

Parameters:
masterKey - is the key encryption key (if null masterKey of CryptoMan will be used)
Throws: CryptoManException
if problems with archive or encryption
Throws: CryptoDecryptionError
if decryption of the key failed
Throws: CryptoBadRedundancy
if the recovered plain text does not contain proper redundancy
See Also:
getKeyVal
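The pattern behind encryptKeyVal and decryptKeyVal (protect a key value under a master key, and detect a wrong master key through redundancy in the result) can be shown with the standard JCE. This is an added example, not SEMPER code: it substitutes AES Key Wrap (RFC 3394), whose built-in integrity check plays the role of the redundancy, because the page does not say which mechanism SEMPER uses; the class and method names are hypothetical.

```java
import java.security.InvalidKeyException;
import java.security.Key;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class KeyWrapDemo {
    // Encrypts a clear key value under the master key (key-encryption key).
    static byte[] wrap(SecretKey masterKey, byte[] keyVal) throws Exception {
        Cipher c = Cipher.getInstance("AESWrap");
        c.init(Cipher.WRAP_MODE, masterKey);
        return c.wrap(new SecretKeySpec(keyVal, "AES"));
    }

    // Decrypts a wrapped key value; throws InvalidKeyException if the
    // integrity check fails (wrong master key or modified ciphertext).
    static byte[] unwrap(SecretKey masterKey, byte[] wrapped) throws Exception {
        Cipher c = Cipher.getInstance("AESWrap");
        c.init(Cipher.UNWRAP_MODE, masterKey);
        Key k = c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
        return k.getEncoded();
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey master = kg.generateKey();       // constructed sample keys
        SecretKey wrongMaster = kg.generateKey();
        byte[] keyVal = kg.generateKey().getEncoded();

        byte[] wrapped = wrap(master, keyVal);
        byte[] recovered = unwrap(master, wrapped);
        System.out.println("round trip ok: " + Arrays.equals(keyVal, recovered));

        try {
            unwrap(wrongMaster, wrapped);
            System.out.println("wrong master key accepted (unexpected)");
        } catch (InvalidKeyException e) {
            System.out.println("wrong master key rejected by integrity check");
        }

        // Overwrite clear key material once it is no longer needed.
        Arrays.fill(keyVal, (byte) 0);
        Arrays.fill(recovered, (byte) 0);
    }
}
```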
 o keyFromPassword
 public void keyFromPassword(String password) throws CryptoManException
Converts a password to a key. Given a password as a string a CryptoKeyInfo object corresponding to this password is created. This method requires that the password has length > 0.

Parameters:
password - the password
Throws: CryptoManException
if key can't be created
 o storeKeyVal
 public void storeKeyVal(Date expDate,
                         boolean encryptKey,
                         CryptoKeyInfo masterKey) throws CryptoManException
Store and protect a key. If an expiration date is given as parameter the key value is stored in archive before being deleted. If requested the key is encrypted before being stored. Note that this method works on the given object - not a copy. The key is stored using the keyId as access name. Currently an exception is raised if the key had been stored previously.

Parameters:
expDate - tells for how long the key must be stored in archive
encryptKey - tells if the key should be encrypted before storage, if not, it will be done by the Archive.
masterKey - is the key encryption key (if null masterKey of CryptoMan will be used)
Throws: CryptoManException
if problems with archive or encryption
See Also:
getKeyVal
 o clearKeyVal
 public void clearKeyVal()
Overwrites the value of the key in the object. Should be used, but with care. Once the key value is cleared, it cannot be recovered.

 o setKeyVal
 public void setKeyVal(byte newKeyVal[]) throws CryptoManException
Sets the actual key value of the object. Can be used to clear the key value of a CryptoKeyInfo object. It is assumed that the key is in clear.

Parameters:
newKeyVal - is the new key value to be associated with this object
Returns:
void
Throws: CryptoManException
if the capability could not be unlocked
 o getLength
 public int getLength()
Returns the block length for the conventional key.

Returns:
the block length
 o equals
 public boolean equals(Object object)
Compares the CryptoKeyInfo with another CryptoKeyInfo. The current implementation just verifies if the two objects have the same key identifier (as this should be unique).

Parameters:
object - is the CryptoKeyInfo with which to compare
Returns:
true iff keyId's and keyVals match, false otherwise.
Overrides:
equals in class Object
 o toString
 public String toString()
Prints the key and common key value as a String.

Overrides:
toString in class Object
 o printContents
 public void printContents()
