Inherits java::io::Serializable.
Public Member Functions | |
SecureKeyCache (KeyManager keyManagerToLoadFrom) | |
Constructor that loads keys from a KeyManager. | |
void | loadKeyStore (KeyStoreInfo keyStoreInfo, char[] password, PublicKeyCache publicKeyCache) throws KeyStoreException |
Load the private keys from a KeyStore. | |
Key | getKey (byte[] desiredKeyIdentifier) |
Retrieve a key specified by its digest To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code. | |
Key | getKey (ContentName desiredKeyName) |
Retrieve a key specified by its name. | |
Key | getKey (ContentName desiredKeyName, byte[] desiredKeyID) |
Try both in one call. | |
boolean | containsKey (byte[] keyIdentifier) |
Checks whether we have a record of a key specified by its digest, or in the case of a private key, the digest of the corresponding public key. | |
boolean | containsKey (ContentName keyName) |
As the map from name to content is not unique, this might not give you a definite answer, and you should still check the digest. | |
byte[] | getKeyID (ContentName versionedName) |
Get the key ID associated with a name, if we have one. | |
PrivateKey | getPrivateKey (byte[] desiredPublicKeyIdentifier) |
Returns the private key corresponding to a public key specified by its digest. | |
PrivateKey | getPrivateKey (ContentName desiredKeyName) |
PrivateKey[] | getPrivateKeys () |
Returns all private keys in cache, loaded from keystore or picked up during operation. | |
PrivateKey[] | getMyPrivateKeys () |
synchronized void | addPrivateKey (ContentName keyName, byte[] publicKeyIdentifier, PrivateKey pk) |
Records a private key and the name and digest of the corresponding public key. | |
synchronized void | addMyPrivateKey (byte[] publicKeyIdentifier, PrivateKey pk) |
Records one of my private keys and the digest of the corresponding public key. | |
synchronized void | addKey (ContentName name, Key key) |
Make a record of a key by its name and digest. | |
PublisherPublicKeyDigest | getPublicKeyIdentifier (PrivateKey pk) |
int | size () |
Return a total count of keys in this cache. | |
synchronized void | merge (SecureKeyCache cache) |
Merges the SecureKeyCache with a given SecureKeyCache. | |
void | printContents () |
Debugging utility to print the contents of the secureKeyCache. | |
boolean | validateForWriting () |
Make sure everything in here is Serializable. | |
Static Public Member Functions | |
static byte[] | getKeyIdentifier (Key key) |
Returns the digest of a specified key. | |
Static Package Attributes | |
static Comparator< byte[]> | byteArrayComparator = new ByteArrayCompare() |
from access control).
TODO: finish mechanism that saves the key cache between runs.
org.ccnx.ccn.impl.security.keys.SecureKeyCache.SecureKeyCache | ( | KeyManager | keyManagerToLoadFrom | ) |
Constructor that loads keys from a KeyManager.
keyManagerToLoadFrom | the key manager TODO bug -- should merge key caches, not just load signing keys. |
void org.ccnx.ccn.impl.security.keys.SecureKeyCache.loadKeyStore | ( | KeyStoreInfo | keyStoreInfo, | |
char[] | password, | |||
PublicKeyCache | publicKeyCache | |||
) | throws KeyStoreException |
Load the private keys from a KeyStore.
keystore |
KeyStoreException |
Key org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKey | ( | byte[] | desiredKeyIdentifier | ) |
Retrieve a key specified by its digest To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code.
desiredKeyIdentifier | the digest |
boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.containsKey | ( | byte[] | keyIdentifier | ) |
Checks whether we have a record of a key specified by its digest, or in the case of a private key, the digest of the corresponding public key.
keyIdentifier | the key digest. |
boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.containsKey | ( | ContentName | keyName | ) |
As the map from name to content is not unique, this might not give you a definite answer, and you should still check the digest.
keyName |
byte [] org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKeyID | ( | ContentName | versionedName | ) |
Get the key ID associated with a name, if we have one.
Currently store keys under versioned names -- might be nice to effectively search over versions of a key... This can be used to look up the key, allowing the caller to be sure they have the right key.
PrivateKey org.ccnx.ccn.impl.security.keys.SecureKeyCache.getPrivateKey | ( | byte[] | desiredPublicKeyIdentifier | ) |
Returns the private key corresponding to a public key specified by its digest.
To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code.
desiredPublicKeyIdentifier | the digest of the public key. |
synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addPrivateKey | ( | ContentName | keyName, | |
byte[] | publicKeyIdentifier, | |||
PrivateKey | pk | |||
) |
Records a private key and the name and digest of the corresponding public key.
keyName | a name under which to look up the private key | |
publicKeyIdentifier | the digest of the public key | |
pk | the private key |
synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addMyPrivateKey | ( | byte[] | publicKeyIdentifier, | |
PrivateKey | pk | |||
) |
Records one of my private keys and the digest of the corresponding public key.
publicKeyIdentifier | the digest of the public key. | |
pk | the corresponding private key. |
synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addKey | ( | ContentName | name, | |
Key | key | |||
) |
Make a record of a key by its name and digest.
name | the name of the key. | |
key | the key. |
static byte [] org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKeyIdentifier | ( | Key | key | ) | [static] |
Returns the digest of a specified key.
key | the key. |
int org.ccnx.ccn.impl.security.keys.SecureKeyCache.size | ( | ) |
Return a total count of keys in this cache.
synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.merge | ( | SecureKeyCache | cache | ) |
Merges the SecureKeyCache with a given SecureKeyCache.
The original SecureKeyCache dominates, i.e. the merged cache will contain the names in the original cache if there are any conflicts
cache | the SecureKeyCache to merge with |
_keyMap.putAll(cache._keyMap); _myKeyMap.putAll(cache._myKeyMap); _privateKeyMap.putAll(cache._privateKeyMap); _privateKeyIdentifierMap.putAll(cache._privateKeyIdentifierMap);
Collection<byte[]> digests = cache._nameKeyMap.values(); Iterator<byte[]> it = digests.iterator(); while (it.hasNext()) {
if (this._nameKeyMap.containsValue(it.next())) { it.remove(); } }
_nameKeyMap.putAll(cache._nameKeyMap);
boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.validateForWriting | ( | ) |
Make sure everything in here is Serializable.