com.netscape.certsrv.security

Interface IEncryptionUnit

All Superinterfaces:

IToken

All Known Subinterfaces:

IStorageKeyUnit, ITransportKeyUnit

public interface IEncryptionUnit
extends IToken

An interface represents a encryption unit.

Version:

$Revision$, $Date$

Method Summary

Modifier and Type	Method and Description
byte[]	decryptExternalPrivate(byte[] sessionKey, java.lang.String symmAlgOID, byte[] symmAlgParams, byte[] privateKey) Decrypts the external private key (private key from the end-user).
byte[]	decryptExternalPrivate(byte[] sessionKey, java.lang.String symmAlgOID, byte[] symmAlgParams, byte[] privateKey, org.mozilla.jss.crypto.X509Certificate transportCert) Decrypts the external private key (private key from the end-user).
byte[]	decryptInternalPrivate(byte[] wrappedPrivateData) Decrypts the internal private key (private key from the KRA's internal storage).
byte[]	encryptInternalPrivate(byte[] rawPrivate) Encrypts the internal private key (private key to the KRA's internal storage).
java.security.PublicKey	getPublicKey() Retrieves the public key in this unit.
org.mozilla.jss.crypto.SymmetricKey	unwrap_sym(byte[] encSymmKey, org.mozilla.jss.crypto.SymmetricKey.Usage usage) Unwraps symmetric key .
org.mozilla.jss.crypto.SymmetricKey	unwrap_symmetric(byte[] sessionKey, java.lang.String symmAlgOID, byte[] symmAlgParams, byte[] symmetricKey, org.mozilla.jss.crypto.SymmetricKey.Type type, int strength) Unwraps symmetric key .
org.mozilla.jss.crypto.PrivateKey	unwrap(byte[] privateKey, java.security.PublicKey pubKey) Unwraps data.
org.mozilla.jss.crypto.PrivateKey	unwrap(byte[] sessionKey, java.lang.String symmAlgOID, byte[] symmAlgParams, byte[] privateKey, java.security.PublicKey pubKey) Unwraps data.
org.mozilla.jss.crypto.PrivateKey	unwrap(byte[] encSymmKey, java.lang.String symmAlgOID, byte[] symmAlgParams, byte[] encValue, java.security.PublicKey pubKey, org.mozilla.jss.crypto.X509Certificate transportCert) Unwraps data.
org.mozilla.jss.crypto.SymmetricKey	unwrap(byte[] wrappedKeyData, org.mozilla.jss.crypto.SymmetricKey.Type algorithm, int keySize) Unwraps symmetric key data.
void	verify(java.security.PublicKey publicKey, org.mozilla.jss.crypto.PrivateKey privateKey) Verifies the given key pair.
byte[]	wrap(org.mozilla.jss.crypto.PrivateKey priKey) Wraps data.
byte[]	wrap(org.mozilla.jss.crypto.SymmetricKey symKey) Wraps data.

Methods inherited from interface com.netscape.certsrv.security.IToken

login, logout

Method Detail

getPublicKey

java.security.PublicKey getPublicKey()

Retrieves the public key in this unit.

Returns:

public key

wrap

byte[] wrap(org.mozilla.jss.crypto.PrivateKey priKey)
     throws EBaseException

Wraps data. The given key will be wrapped by the private key in this unit.

Parameters:

priKey - private key to be wrapped

Returns:

wrapped data

Throws:

EBaseException - failed to wrap

wrap

byte[] wrap(org.mozilla.jss.crypto.SymmetricKey symKey)
     throws EBaseException

Wraps data. The given key will be wrapped by the private key in this unit.

Parameters:

symKey - symmetric key to be wrapped

Returns:

wrapped data

Throws:

EBaseException - failed to wrap

verify

void verify(java.security.PublicKey publicKey,
            org.mozilla.jss.crypto.PrivateKey privateKey)
     throws EBaseException

Verifies the given key pair.

Parameters:

publicKey - public key

privateKey - private key

Throws:

EBaseException

unwrap

org.mozilla.jss.crypto.PrivateKey unwrap(byte[] sessionKey,
                                         java.lang.String symmAlgOID,
                                         byte[] symmAlgParams,
                                         byte[] privateKey,
                                         java.security.PublicKey pubKey)
                                  throws EBaseException

Unwraps data. This method rebuilds the private key by unwrapping the private key data.

Parameters:

sessionKey - session key that unwrap the private key

symmAlgOID - symmetric algorithm

symmAlgParams - symmetric algorithm parameters

privateKey - private key data

pubKey - public key

Returns:

private key object

Throws:

EBaseException - failed to unwrap

unwrap

org.mozilla.jss.crypto.PrivateKey unwrap(byte[] encSymmKey,
                                         java.lang.String symmAlgOID,
                                         byte[] symmAlgParams,
                                         byte[] encValue,
                                         java.security.PublicKey pubKey,
                                         org.mozilla.jss.crypto.X509Certificate transportCert)
                                  throws EBaseException

Unwraps data. This method rebuilds the private key by unwrapping the private key data.

Parameters:

symmAlgOID - symmetric algorithm

symmAlgParams - symmetric algorithm parameters

pubKey - public key

transportCert - transport certificate

Returns:

private key object

Throws:

EBaseException - failed to unwrap

unwrap

org.mozilla.jss.crypto.SymmetricKey unwrap(byte[] wrappedKeyData,
                                           org.mozilla.jss.crypto.SymmetricKey.Type algorithm,
                                           int keySize)
                                    throws EBaseException

Unwraps symmetric key data. This method rebuilds the symmetric key by unwrapping the private data blob.

Parameters:

wrappedKeyData - symmetric key data wrapped up with session key

Returns:

Symmetric key object

Throws:

EBaseException - failed to unwrap

unwrap_symmetric

org.mozilla.jss.crypto.SymmetricKey unwrap_symmetric(byte[] sessionKey,
                                                     java.lang.String symmAlgOID,
                                                     byte[] symmAlgParams,
                                                     byte[] symmetricKey,
                                                     org.mozilla.jss.crypto.SymmetricKey.Type type,
                                                     int strength)
                                              throws EBaseException

Unwraps symmetric key . This method unwraps the symmetric key.

Parameters:

sessionKey - session key that unwrap the symmetric key

symmAlgOID - symmetric algorithm

symmAlgParams - symmetric algorithm parameters

symmetricKey - symmetric key data

type - symmetric key algorithm

strength - symmetric key strength in bytes

Returns:

Symmetric key object

Throws:

EBaseException - failed to unwrap

unwrap_sym

org.mozilla.jss.crypto.SymmetricKey unwrap_sym(byte[] encSymmKey,
                                               org.mozilla.jss.crypto.SymmetricKey.Usage usage)

Unwraps symmetric key . This method unwraps the symmetric key.

Parameters:

encSymmKey - wrapped symmetric key to be unwrapped

Returns:

Symmetric key object

unwrap

org.mozilla.jss.crypto.PrivateKey unwrap(byte[] privateKey,
                                         java.security.PublicKey pubKey)
                                  throws EBaseException

Unwraps data. This method rebuilds the private key by unwrapping the private key data.

Parameters:

privateKey - private key data

pubKey - public key object

Returns:

private key object

Throws:

EBaseException - failed to unwrap

encryptInternalPrivate

byte[] encryptInternalPrivate(byte[] rawPrivate)
                       throws EBaseException

Encrypts the internal private key (private key to the KRA's internal storage).

Parameters:

rawPrivate - user's private key (key to be archived)

Returns:

encrypted data

Throws:

EBaseException - failed to encrypt

decryptInternalPrivate

byte[] decryptInternalPrivate(byte[] wrappedPrivateData)
                       throws EBaseException

Decrypts the internal private key (private key from the KRA's internal storage).

Parameters:

wrappedPrivateData - unwrapped private key data (key to be recovered)

Returns:

raw private key

Throws:

EBaseException - failed to decrypt

decryptExternalPrivate

byte[] decryptExternalPrivate(byte[] sessionKey,
                              java.lang.String symmAlgOID,
                              byte[] symmAlgParams,
                              byte[] privateKey)
                       throws EBaseException

Decrypts the external private key (private key from the end-user).

Parameters:

sessionKey - session key that protects the user private

symmAlgOID - symmetric algorithm

symmAlgParams - symmetric algorithm parameters

privateKey - private key data

Returns:

private key data

Throws:

EBaseException - failed to decrypt

decryptExternalPrivate

byte[] decryptExternalPrivate(byte[] sessionKey,
                              java.lang.String symmAlgOID,
                              byte[] symmAlgParams,
                              byte[] privateKey,
                              org.mozilla.jss.crypto.X509Certificate transportCert)
                       throws EBaseException

Decrypts the external private key (private key from the end-user).

Parameters:

sessionKey - session key that protects the user private

symmAlgOID - symmetric algorithm

symmAlgParams - symmetric algorithm parameters

privateKey - private key data

transportCert - transport certificate

Returns:

private key data

Throws:

EBaseException - failed to decrypt