org.ccnx.ccn.KeyManager Class Reference

Top-level interface for managing our own keys, as well as maintaining an address book containing the keys of others (which will be used by the TrustManager). More...

Inheritance diagram for org.ccnx.ccn.KeyManager:

org.ccnx.ccn.impl.security.keys.BasicKeyManager org.ccnx.ccn.impl.security.keys.NetworkKeyManager org.ccnx.ccn.impl.security.keys.RepositoryKeyManager

List of all members.

Public Member Functions

ContentVerifier getDefaultVerifier ()
 Subclasses can override with fancier verification behavior; again move to TrustManager eventually.
void close ()
 Close any connections we have to the network.
abstract void initialize () throws InvalidKeyException, IOException, ConfigurationException
 Allows subclasses to specialize key manager initialization.
abstract boolean initialized ()
abstract void clearSavedConfigurationState () throws FileNotFoundException, IOException
abstract PublisherPublicKeyDigest getDefaultKeyID ()
 Get our default key ID.
boolean isOurDefaultKey (PublisherPublicKeyDigest keyID)
abstract PublicKeyCache getPublicKeyCache ()
 Access our collected store of public keys.
abstract SecureKeyCache getSecureKeyCache ()
 Access our store of private keys and other secret key material that we have retrieved.
abstract void saveSecureKeyCache () throws FileNotFoundException, IOException
abstract void saveConfigurationState () throws FileNotFoundException, IOException
abstract URI getConfigurationDataURI ()
 Not sure that this is the best idea, but others want to bootstrap on our configuration data store to stash their own config data.
abstract PrivateKey getDefaultSigningKey ()
 Get our default private key.
abstract PublicKey getDefaultPublicKey ()
 Get our default public key.
ContentName getDefaultKeyName (ContentName keyPrefix, PublisherPublicKeyDigest keyID, CCNTime keyVersion)
 Return the key's content name for a given key id, given a specified prefix and version.
abstract ContentName getDefaultKeyName (PublisherPublicKeyDigest keyID)
 Get the key-manager determined default key name for a key.
abstract ContentName getDefaultKeyNamePrefix ()
 Allow subclasses to override default publishing location.
abstract KeyLocator getKeyLocator (PublisherPublicKeyDigest publisherKeyID)
 Gets the preferred key locator for this signing key.
abstract KeyLocator getKeyLocator (PrivateKey signingKey)
 Get our current preferred key locator for this signing key.
KeyLocator getDefaultKeyLocator ()
 Get the key locator for our default key.
abstract boolean haveStoredKeyLocator (PublisherPublicKeyDigest keyID)
abstract KeyLocator getStoredKeyLocator (PublisherPublicKeyDigest keyID)
abstract void clearStoredKeyLocator (PublisherPublicKeyDigest keyID)
abstract void setKeyLocator (PublisherPublicKeyDigest publisherKeyID, KeyLocator keyLocator)
 Remember the key locator to use for a given key.
KeyLocator getKeyTypeKeyLocator (PublisherPublicKeyDigest publisherKeyID)
 Get a KEY type key locator for a particular public key.
abstract PublicKey getPublicKey (PublisherPublicKeyDigest publisher)
 Get the public key associated with a given publisher.
abstract PublisherPublicKeyDigest getPublisherKeyID (PrivateKey signingKey)
 Get the publisher key digest associated with one of our signing keys.
abstract PrivateKey getSigningKey (PublisherPublicKeyDigest publisherKeyID)
 Get the private key associated with a given publisher.
abstract PrivateKey[] getSigningKeys ()
 Get all of our private keys, used for cache loading.
abstract PublisherPublicKeyDigest[] getAvailableIdentities ()
 Get the public key digest of all our signing keys -- essentially our available identities.
abstract CCNTime getKeyVersion (PublisherPublicKeyDigest keyID)
 Get any timestamp associate with this key.
abstract PublicKey getPublicKey (PublisherPublicKeyDigest publisherKeyID, KeyLocator keyLocator, long timeout) throws IOException
 Get the public key for a given publisher, going to the network to retrieve it if necessary.
PublicKey getPublicKey (PublisherPublicKeyDigest publisherKeyID, KeyLocator keyLocator) throws IOException
 Get the public key for a given publisher, going to the network to retrieve it if necessary.
abstract PublicKeyObject getPublicKeyObject (PublisherPublicKeyDigest desiredKeyID, KeyLocator locator, long timeout) throws IOException
 Get the public key for a given publisher as it was explicitly published, going to the network to retrieve it if necessary.
PublicKeyObject publishDefaultKey (ContentName keyName) throws IOException, InvalidKeyException
 Allow subclasses to specialize key publication, if any.
PublicKeyObject publishKey (ContentName keyName, PublisherPublicKeyDigest keyToPublish, PublisherPublicKeyDigest signingKeyID, KeyLocator signingKeyLocator) throws InvalidKeyException, IOException
 Publish a key at a certain name, signed by a specified identity (our default, if null).
PublicKeyObject publishSelfSignedKey (ContentName keyName, PublisherPublicKeyDigest keyToPublish, boolean learnKeyLocator) throws InvalidKeyException, IOException
 Publish my public key to a local key server run in this JVM, as a self-signed key record.
abstract PublicKeyObject publishKey (ContentName keyName, PublicKey keyToPublish, PublisherPublicKeyDigest signingKeyID, KeyLocator signingKeyLocator, boolean learnKeyLocator) throws InvalidKeyException, IOException
 Publish a key at a certain name, signed by our default identity.
abstract PublicKeyObject publishKeyToRepository (ContentName keyName, PublisherPublicKeyDigest keyToPublish, long timeToWaitForPreexisting) throws InvalidKeyException, IOException
 Publish a key at a certain name, ensuring that it is stored in a repository.
abstract PublicKeyObject publishSelfSignedKeyToRepository (ContentName keyName, PublicKey theKey, PublisherPublicKeyDigest keyToPublish, long timeToWaitForPreexisting) throws InvalidKeyException, IOException
 Publish one of our keys to a repository, if it isn't already there, and ensure that it's self-signed regardless of what credentials we have for it (this is the default behavior if we have no credentials for the key.
PublicKeyObject publishKeyToRepository () throws InvalidKeyException, IOException
 Publish our default key to a repository at its default location.
PublicKeyObject publishKeyToRepository (ContentName keyName, PublisherPublicKeyDigest keyToPublish) throws InvalidKeyException, IOException
void respondToKeyRequests (ContentName keyPrefix) throws IOException
 Right now KeyServers are hidden in our subclasses.
abstract AccessControlManager getAccessControlManagerForName (ContentName contentName)
 Handle access control manager cache.
abstract void rememberAccessControlManager (AccessControlManager acm)

Static Public Member Functions

static synchronized KeyManager getDefaultKeyManager ()
 Accessor to retrieve default key manager instance, or create it if necessary.
static synchronized void closeDefaultKeyManager ()
 Clean up state left around by the default key manager and remove it.
static synchronized void setDefaultKeyManager (KeyManager keyManager)
 Set the default key manager to one of our choice.
static PublicKeyObject publishKeyToRepository (ContentName keyName, PublicKey keyToPublish, PublisherPublicKeyDigest signingKeyID, KeyLocator signingKeyLocator, CCNHandle handle) throws IOException
 Publish a public key to repository, if it isn't already there.
static PublicKeyObject publishKeyToRepository (ContentName keyName, PublicKey keyToPublish, PublisherPublicKeyDigest signingKeyID, KeyLocator signingKeyLocator, long timeToWaitForPreexisting, boolean requirePublisherMatch, CCNHandle handle) throws IOException
 Publish a public key to repository, if it isn't already there.
static PublicKeyObject publishKey (ContentName keyName, PublicKey keyToPublish, PublisherPublicKeyDigest signingKeyID, KeyLocator signingKeyLocator, CCNFlowControl flowController, SaveType saveType, CCNHandle handle, KeyManager keyManager) throws IOException
 Note: this is the lowest level interface to key publication; there are many higher-level interfaces that are probably what you want.

Static Public Attributes

static final String DEFAULT_DIGEST_ALGORITHM = "SHA-256"
 Currently default to SHA-256.
static final Provider PROVIDER = getBcProvider()

Static Protected Member Functions

static synchronized KeyManager createDefaultKeyManager () throws InvalidKeyException, IOException, ConfigurationException
 Create the default key manager.

Protected Attributes

ContentVerifier _verifier = null
 A default verifier to use, relative to these key caches and all.

Static Protected Attributes

static final KeyLocator SELF_SIGNED_KEY_LOCATOR = new KeyLocator()
 Canary value, indicates we want to override any other key locator available.
static KeyManager _defaultKeyManager = null
 The default KeyManager for this user/VM pair.


Detailed Description

Top-level interface for managing our own keys, as well as maintaining an address book containing the keys of others (which will be used by the TrustManager).

Also handles loading of the BouncyCastle provider, which we need for many things. Very minimal interface now, expect to evolve extensively.


Member Function Documentation

static synchronized KeyManager org.ccnx.ccn.KeyManager.getDefaultKeyManager (  )  [static]

Accessor to retrieve default key manager instance, or create it if necessary.

Returns:
the KeyManager
Exceptions:
ConfigurationException if there is a problem with the user or system configuration that requires intervention to resolve, or we have a significant problem starting up the key manager.

static synchronized void org.ccnx.ccn.KeyManager.closeDefaultKeyManager (  )  [static]

Clean up state left around by the default key manager and remove it.

For now that just means shutting down the network manager started by it

static synchronized KeyManager org.ccnx.ccn.KeyManager.createDefaultKeyManager (  )  throws InvalidKeyException, IOException, ConfigurationException [static, protected]

Create the default key manager.

Returns:
the key manager
Exceptions:
ConfigurationException if there is a problem with the user or system configuration that requires intervention to fix
IOException if there is an operational problem loading data or initializing the key store
ConfigurationException 

static synchronized void org.ccnx.ccn.KeyManager.setDefaultKeyManager ( KeyManager  keyManager  )  [static]

Set the default key manager to one of our choice.

If you do this, be careful on calling close().

void org.ccnx.ccn.KeyManager.close (  ) 

Close any connections we have to the network.

Ideally prepare to reopen them when they are next needed.

Reimplemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract void org.ccnx.ccn.KeyManager.initialize (  )  throws InvalidKeyException, IOException, ConfigurationException [pure virtual]

Allows subclasses to specialize key manager initialization.

Exceptions:
ConfigurationException 
IOException 

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PublisherPublicKeyDigest org.ccnx.ccn.KeyManager.getDefaultKeyID (  )  [pure virtual]

Get our default key ID.

Returns:
the digest of our default key

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PublicKeyCache org.ccnx.ccn.KeyManager.getPublicKeyCache (  )  [pure virtual]

Access our collected store of public keys.

Returns:
our PublicKeyCache

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract SecureKeyCache org.ccnx.ccn.KeyManager.getSecureKeyCache (  )  [pure virtual]

Access our store of private keys and other secret key material that we have retrieved.

Returns:
our SecureKeyCache

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract URI org.ccnx.ccn.KeyManager.getConfigurationDataURI (  )  [pure virtual]

Not sure that this is the best idea, but others want to bootstrap on our configuration data store to stash their own config data.

Return location as a URI as it might be a namespace rather than a directory.

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager, and org.ccnx.ccn.impl.security.keys.NetworkKeyManager.

abstract PrivateKey org.ccnx.ccn.KeyManager.getDefaultSigningKey (  )  [pure virtual]

Get our default private key.

Returns:
our default private key

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PublicKey org.ccnx.ccn.KeyManager.getDefaultPublicKey (  )  [pure virtual]

Get our default public key.

Returns:
our default public key

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

ContentName org.ccnx.ccn.KeyManager.getDefaultKeyName ( ContentName  keyPrefix,
PublisherPublicKeyDigest  keyID,
CCNTime  keyVersion 
)

Return the key's content name for a given key id, given a specified prefix and version.

The default key name is the publisher ID itself, under the user's key collection.

Parameters:
keyID[] publisher ID
Returns:
content name

abstract ContentName org.ccnx.ccn.KeyManager.getDefaultKeyName ( PublisherPublicKeyDigest  keyID  )  [pure virtual]

Get the key-manager determined default key name for a key.

Might include a version, might allow caller to save with generated version.

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract KeyLocator org.ccnx.ccn.KeyManager.getKeyLocator ( PublisherPublicKeyDigest  publisherKeyID  )  [pure virtual]

Gets the preferred key locator for this signing key.

Parameters:
publisherKeyID the key whose locator we want to retrieve, if null retrieves the key locator for our default key
Returns:
the current preferred key locator for that key

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract KeyLocator org.ccnx.ccn.KeyManager.getKeyLocator ( PrivateKey  signingKey  )  [pure virtual]

Get our current preferred key locator for this signing key.

Uses getKeyLocator(PublisherPublicKeyDigest).

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

KeyLocator org.ccnx.ccn.KeyManager.getDefaultKeyLocator (  ) 

Get the key locator for our default key.

Same as getKeyLocator(null)

abstract void org.ccnx.ccn.KeyManager.setKeyLocator ( PublisherPublicKeyDigest  publisherKeyID,
KeyLocator  keyLocator 
) [pure virtual]

Remember the key locator to use for a given key.

Use this to publish this key in the future if not overridden by method calls. If no key locator stored for this key, and no override given, compute a KEY type key locator if this key has not been published, and the name given to it when published if it has.

Parameters:
publisherKeyID the key whose locator to set; if null sets it for our default key
keyLocator the new key locator for this key; overrides any previous value. If null, erases previous value and defaults will be used.

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

KeyLocator org.ccnx.ccn.KeyManager.getKeyTypeKeyLocator ( PublisherPublicKeyDigest  publisherKeyID  ) 

Get a KEY type key locator for a particular public key.

Parameters:
publisherKeyID the key whose locator we want to retrieve
Returns:
the key locator
Exceptions:
IOException 

abstract PublicKey org.ccnx.ccn.KeyManager.getPublicKey ( PublisherPublicKeyDigest  publisher  )  [pure virtual]

Get the public key associated with a given publisher.

Parameters:
publisher the digest of the desired key
Returns:
the key, or null if no such key known to our cache
Exceptions:
IOException 

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PublisherPublicKeyDigest org.ccnx.ccn.KeyManager.getPublisherKeyID ( PrivateKey  signingKey  )  [pure virtual]

Get the publisher key digest associated with one of our signing keys.

Parameters:
signingKey key whose publisher data we want
Returns:
the digest of the corresponding public key

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PrivateKey org.ccnx.ccn.KeyManager.getSigningKey ( PublisherPublicKeyDigest  publisherKeyID  )  [pure virtual]

Get the private key associated with a given publisher.

Parameters:
publisherKeyID the public key digest of the desired key
Returns:
the key, or null if no such key known to our cache

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PrivateKey [] org.ccnx.ccn.KeyManager.getSigningKeys (  )  [pure virtual]

Get all of our private keys, used for cache loading.

Returns:
an array of our currently available private keys

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract CCNTime org.ccnx.ccn.KeyManager.getKeyVersion ( PublisherPublicKeyDigest  keyID  )  [pure virtual]

Get any timestamp associate with this key.

Parameters:
keyID 
Returns:

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PublicKey org.ccnx.ccn.KeyManager.getPublicKey ( PublisherPublicKeyDigest  publisherKeyID,
KeyLocator  keyLocator,
long  timeout 
) throws IOException [pure virtual]

Get the public key for a given publisher, going to the network to retrieve it if necessary.

Parameters:
publisherKeyID the digest of the keys we want
keyLocator the key locator to tell us where to retrieve the key from
timeout how long to try to retrieve the key
Returns:
the key
Exceptions:
IOException if we run into an error attempting to read the key

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

PublicKey org.ccnx.ccn.KeyManager.getPublicKey ( PublisherPublicKeyDigest  publisherKeyID,
KeyLocator  keyLocator 
) throws IOException

Get the public key for a given publisher, going to the network to retrieve it if necessary.

Uses the SystemConfiguration.EXTRA_LONG_TIMEOUT to be aggressive and reexpress.

Parameters:
publisherKeyID the digest of the keys we want
keyLocator the key locator to tell us where to retrieve the key from
Returns:
the key
Exceptions:
IOException if we run into an error attempting to read the key

abstract PublicKeyObject org.ccnx.ccn.KeyManager.getPublicKeyObject ( PublisherPublicKeyDigest  desiredKeyID,
KeyLocator  locator,
long  timeout 
) throws IOException [pure virtual]

Get the public key for a given publisher as it was explicitly published, going to the network to retrieve it if necessary.

If the key was not published as a KEY content item (was in our keystore, or was in a KEY type of key locator), this wil not retrieve anything.

Parameters:
publisherKeyID the digest of the keys we want
keyLocator the key locator to tell us where to retrieve the key from
timeout how long to try to retrieve the key
Returns:
the key
Exceptions:
IOException if we run into an error attempting to read the key

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

PublicKeyObject org.ccnx.ccn.KeyManager.publishDefaultKey ( ContentName  keyName  )  throws IOException, InvalidKeyException

Allow subclasses to specialize key publication, if any.

Parameters:
defaultPrefix our default namespace, if we know one for this environment. If null, take user defaults.
Exceptions:
ConfigurationException 

Reimplemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

PublicKeyObject org.ccnx.ccn.KeyManager.publishKey ( ContentName  keyName,
PublisherPublicKeyDigest  keyToPublish,
PublisherPublicKeyDigest  signingKeyID,
KeyLocator  signingKeyLocator 
) throws InvalidKeyException, IOException

Publish a key at a certain name, signed by a specified identity (our default, if null).

Usually used to publish our own keys, but can specify other keys we have in our cache.

This publishes our key to our own internal key server, from where it can be retrieved as long as this KeyManager is running. It does not put it on the wire until someone requests it. Implementation Note: This code is used in CCNHandle initialization, and as such it cannot use a CCNHandle or any of the standard network operations without introducing a circular dependency. The code is very low-level and should only be modified with great caution.

Parameters:
keyName content name of the public key
keyToPublish public key digest of key to publish, if null publish our default key
handle handle for ccn
Exceptions:
IOException 
InvalidKeyException 

PublicKeyObject org.ccnx.ccn.KeyManager.publishSelfSignedKey ( ContentName  keyName,
PublisherPublicKeyDigest  keyToPublish,
boolean  learnKeyLocator 
) throws InvalidKeyException, IOException

Publish my public key to a local key server run in this JVM, as a self-signed key record.

We do this by default if we don't have any credentials for this key; this just allows the caller to explicitly request this behavior even if we do have credentials. TODO need mechanism for controlling whether this ends up in the key locator...

Parameters:
keyName content name of the public key
keyToPublish public key digest of key to publish and to sign with
handle handle for ccn
Exceptions:
IOException 
InvalidKeyException 

abstract PublicKeyObject org.ccnx.ccn.KeyManager.publishKey ( ContentName  keyName,
PublicKey  keyToPublish,
PublisherPublicKeyDigest  signingKeyID,
KeyLocator  signingKeyLocator,
boolean  learnKeyLocator 
) throws InvalidKeyException, IOException [pure virtual]

Publish a key at a certain name, signed by our default identity.

Usually used to publish our own keys, but can specify other keys we have in our cache.

This publishes our key to our own internal key server, from where it can be retrieved as long as this KeyManager is running. It does not put it on the wire until someone requests it. Implementation Note: This code is used in CCNHandle initialization, and as such it cannot use a CCNHandle or any of the standard network operations without introducing a circular dependency. The code is very low-level and should only be modified with great caution.

Parameters:
keyName the name under which the key should be published. For the moment, keys are unversioned.
keyToPublish can be null, in which case we publish our own default public key
signingKeyID key to sign with, if we wish to override default
signingKeyLocator locator to use, if we wish to override default; if null, one will be computed
learnKeyLocator do we remember the key locator used as the default for this signing key
Exceptions:
InvalidKeyException 
IOException 
ConfigurationException 

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PublicKeyObject org.ccnx.ccn.KeyManager.publishKeyToRepository ( ContentName  keyName,
PublisherPublicKeyDigest  keyToPublish,
long  timeToWaitForPreexisting 
) throws InvalidKeyException, IOException [pure virtual]

Publish a key at a certain name, ensuring that it is stored in a repository.

Will throw an exception if no repository available. Usually used to publish our own keys, but can specify any key known to our key cache.

Parameters:
keyName Name under which to publish the key. Currently added under existing version, or version included in keyName.
keyToPublish can be null, in which case we publish our own default public key.
handle the handle to use for network requests
Exceptions:
InvalidKeyException 
IOException 

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract PublicKeyObject org.ccnx.ccn.KeyManager.publishSelfSignedKeyToRepository ( ContentName  keyName,
PublicKey  theKey,
PublisherPublicKeyDigest  keyToPublish,
long  timeToWaitForPreexisting 
) throws InvalidKeyException, IOException [pure virtual]

Publish one of our keys to a repository, if it isn't already there, and ensure that it's self-signed regardless of what credentials we have for it (this is the default behavior if we have no credentials for the key.

Throws an exception if no repository is available

Parameters:
keyName Name under which to publish the key. Currently added under existing version, or version included in keyName.
theKey the public key to publish, if we happen to have it; otherwise it will be retrieved from cache based on keyToPublish.
keyToPublish can be null, in which case we publish our own default public key.
handle the handle to use for network requests
Exceptions:
InvalidKeyException 
IOException 

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

PublicKeyObject org.ccnx.ccn.KeyManager.publishKeyToRepository (  )  throws InvalidKeyException, IOException

Publish our default key to a repository at its default location.

Parameters:
handle the handle used for network requests
Exceptions:
InvalidKeyException 
IOException 

static PublicKeyObject org.ccnx.ccn.KeyManager.publishKeyToRepository ( ContentName  keyName,
PublicKey  keyToPublish,
PublisherPublicKeyDigest  signingKeyID,
KeyLocator  signingKeyLocator,
CCNHandle  handle 
) throws IOException [static]

Publish a public key to repository, if it isn't already there.

Parameters:
keyName content name of the public key to publish under (adds a version)
keyToPublish the key to publish
handle the handle to use to publish it with
Returns:
the published information about this key, whether we published it or someone else had
Exceptions:
IOException 

static PublicKeyObject org.ccnx.ccn.KeyManager.publishKeyToRepository ( ContentName  keyName,
PublicKey  keyToPublish,
PublisherPublicKeyDigest  signingKeyID,
KeyLocator  signingKeyLocator,
long  timeToWaitForPreexisting,
boolean  requirePublisherMatch,
CCNHandle  handle 
) throws IOException [static]

Publish a public key to repository, if it isn't already there.

Parameters:
keyName content name of the public key to publish under (adds a version)
keyToPublish the key to publish
signingKeyID the key to sign with
signingKeyLocator the key locator to use
timeToWaitForPreexisting how long to wait to see if it has already been published (avoid re-publishing). If 0, we don't even try to find preexisting content.
requirePublisherMatch check to see if we match the specified publisher. Key locator match too complex to check, make caller do that one.
handle the handle to use to publish it with
Returns:
the published information about this key, whether we published it or someone else had
Exceptions:
IOException 

static PublicKeyObject org.ccnx.ccn.KeyManager.publishKey ( ContentName  keyName,
PublicKey  keyToPublish,
PublisherPublicKeyDigest  signingKeyID,
KeyLocator  signingKeyLocator,
CCNFlowControl  flowController,
SaveType  saveType,
CCNHandle  handle,
KeyManager  keyManager 
) throws IOException [static]

Note: this is the lowest level interface to key publication; there are many higher-level interfaces that are probably what you want.

This needs to be public to get across package constraints. Publish a signed record for this key. We've already decided we need to publish, and how; no more checks are made to see if the key already exists.

Parameters:
keyName the key's content name. Will add a version when saving if it doesn't have one already. If it does have a version, will use that one (see below for effect of version on the key locator). (Note that this is not standard behavior for savable network content, which needs its version explicitly set.)
keyToPublish the public key to publish
keyID the publisher id
signingKeyID the key id of the key pair to sign with
signingKeyLocator the key locator to use if we save this key (if it is not already published). If not specified, we look for the default locator for the signing key. If there is none, and we are signing with the same key we are publishing, we build a self-referential key locator, using the name passed in (versioned or not).
flowController flow controller to use. If non-null, saveType is ignored.
saveType -- if we don't want to hand in a special-purpose flow controller, set saveType to RAW or REPO to get standard publishing behavior.
handle the handle to use if we haven't specified a flow controller. Makes a flow controller of the type specified by saveType.
keyManager the key manager to use to pull additional signing information (default keys and locators if not specified). If null, taken from handle. Also publish key added to its cache.
Returns:
the published information about this key, whether we published it or someone else had
Exceptions:
IOException 

void org.ccnx.ccn.KeyManager.respondToKeyRequests ( ContentName  keyPrefix  )  throws IOException

Right now KeyServers are hidden in our subclasses.

... this makes it hard to expose control of filter registration. This is a bad attempt at an API for that, it should change. Don't make it abstract as subclasses may not need it.

Exceptions:
IOException 

Reimplemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.

abstract AccessControlManager org.ccnx.ccn.KeyManager.getAccessControlManagerForName ( ContentName  contentName  )  [pure virtual]

Handle access control manager cache.

Parameters:
contentName 
Returns:

Implemented in org.ccnx.ccn.impl.security.keys.BasicKeyManager.


Member Data Documentation

final String org.ccnx.ccn.KeyManager.DEFAULT_DIGEST_ALGORITHM = "SHA-256" [static]

Currently default to SHA-256.

Only thing that associates a specific digest algorithm with a version of the CCN protocol is the calculation of the vestigial content digest component of ContentName used in Interest matching, and publisher digests. Changing the latter is handled by backwards-compatible changes to the protocol encoding. All other digests are stored prefaced with an algorithm identifier, to allow them to be modified. We expect the protocol default digest algorithm to move to SHA3 when defined.

The default KeyManager for this user/VM pair.

The KeyManager will eventually have access to significant cached state, and so a single one should be shared by as many processes within the same trust domain as possible. We might make multiple KeyManagers representing different "users" for testing purposes.

A default verifier to use, relative to these key caches and all.

Move to TrustManager eventually.


The documentation for this class was generated from the following file:

Generated on Thu Feb 16 00:44:51 2012 for Content-Centric Networking in Java by  doxygen 1.5.6