Public Member Functions
NodeKey (ContentName nodeKeyName, byte[] unwrappedNodeKey)
Constructor for a node key specified by its name and key bytes interpreted as a key for DEFAULT_NODE_KEY_ALGORITHM.
NodeKey (ContentName nodeKeyName, Key unwrappedNodeKey)
Constructor for a node key specified by its name and key.
NodeKey | computeDescendantNodeKey (ContentName descendantNodeName, String keyLabel) throws InvalidKeyException, ContentEncodingException
Computes the descendant node key for a specified descendant node using the key derivation function.
NodeKey | computeDescendantNodeKey (ContentName descendantNodeName) throws InvalidKeyException, ContentEncodingException
ContentName | nodeName ()
Get the node name.
ContentName | storedNodeKeyName ()
Get the stored node key name.
byte[] | storedNodeKeyID ()
Get the stored node key ID.
Key | nodeKey ()
Get the node key.
boolean | isDerivedNodeKey ()
Check whether the node key is derived from an ancestor node key via the key derivation function.
boolean | isNullNodeKey ()
Empty key, signaling no encryption.
CCNTime | nodeKeyVersion ()
Get the version of the stored node key name.
byte[] | generateKeyID ()
Returns a digest of the node key.
int | hashCode ()
boolean | equals (Object obj)
String | toString ()
Static Public Member Functions
static byte[] | nullNodeKeyID ()
static byte[] | generateKeyID (byte[] key)
Returns a digest of a specified key.
static byte[] | generateKeyID (Key key)
Returns a digest of a specified key.
Static Public Attributes
static final int | DEFAULT_NODE_KEY_LENGTH = 16
Default data key length in bytes.
static final String | DEFAULT_NODE_KEY_ALGORITHM = "AES"
The keys we're wrapping are really seeds for a KDF, not keys in their own right.
static final String | DEFAULT_KEY_LABEL = "NodeKey"
Default key label for key derivation function.
static final byte[] | NULL_NODE_KEY_ID = "NULL_KEY".getBytes()
KeyID for empty keys (signaling no encryption).
Protected Member Functions
NodeKey (ContentName nodeName, byte[] derivedNodeKey, ContentName ancestorNodeKeyName, byte[] ancestorNodeKeyID)
Constructor for a node key derived (via a key derivation function) from an ancestor node key.
The NodeKey class includes methods for computing derived node keys for descendant nodes using a key derivation function. For a definition and description of node keys, see the CCNx Access Control Specification.
org.ccnx.ccn.profiles.security.access.group.NodeKey.NodeKey (ContentName nodeKeyName, byte[] unwrappedNodeKey)
Constructor for a node key specified by its name and key bytes interpreted as a key for DEFAULT_NODE_KEY_ALGORITHM.
nodeKeyName | the name of the node key
unwrappedNodeKey | the unwrapped node key
org.ccnx.ccn.profiles.security.access.group.NodeKey.NodeKey (ContentName nodeKeyName, Key unwrappedNodeKey)
Constructor for a node key specified by its name and key.
nodeKeyName | the name of the node key
unwrappedNodeKey | the unwrapped node key
org.ccnx.ccn.profiles.security.access.group.NodeKey.NodeKey (ContentName nodeName, byte[] derivedNodeKey, ContentName ancestorNodeKeyName, byte[] ancestorNodeKeyID) [protected]
Constructor for a node key derived (via a key derivation function) from an ancestor node key.
nodeName | the name of the node
derivedNodeKey | the derived node key
ancestorNodeKeyName | the name of the ancestor node key
ancestorNodeKeyID | the digest of the ancestor node key
NodeKey org.ccnx.ccn.profiles.security.access.group.NodeKey.computeDescendantNodeKey (ContentName descendantNodeName, String keyLabel) throws InvalidKeyException, ContentEncodingException
Computes the descendant node key for a specified descendant node using the key derivation function.
descendantNodeName | the name of the descendant node
keyLabel | the label of the key
InvalidKeyException
ContentEncodingException
ContentName org.ccnx.ccn.profiles.security.access.group.NodeKey.nodeName ()
Get the node name.
ContentName org.ccnx.ccn.profiles.security.access.group.NodeKey.storedNodeKeyName ()
Get the stored node key name.
byte[] org.ccnx.ccn.profiles.security.access.group.NodeKey.storedNodeKeyID ()
Get the stored node key ID.
Key org.ccnx.ccn.profiles.security.access.group.NodeKey.nodeKey ()
Get the node key.
boolean org.ccnx.ccn.profiles.security.access.group.NodeKey.isDerivedNodeKey ()
Check whether the node key is derived from an ancestor node key via the key derivation function.
boolean org.ccnx.ccn.profiles.security.access.group.NodeKey.isNullNodeKey ()
Empty key, signaling no encryption.
CCNTime org.ccnx.ccn.profiles.security.access.group.NodeKey.nodeKeyVersion ()
Get the version of the stored node key name.
byte[] org.ccnx.ccn.profiles.security.access.group.NodeKey.generateKeyID ()
Returns a digest of the node key.
static byte[] org.ccnx.ccn.profiles.security.access.group.NodeKey.generateKeyID (byte[] key) [static]
Returns a digest of a specified key.
key | the key
static byte[] org.ccnx.ccn.profiles.security.access.group.NodeKey.generateKeyID (Key key) [static]
Returns a digest of a specified key.
key | the key
final int org.ccnx.ccn.profiles.security.access.group.NodeKey.DEFAULT_NODE_KEY_LENGTH = 16 [static]
Default data key length in bytes.
No real reason this can't be bumped up to 32. It acts as the seed for a KDF, not an encryption key.
final String org.ccnx.ccn.profiles.security.access.group.NodeKey.DEFAULT_NODE_KEY_ALGORITHM = "AES" [static]
The keys we're wrapping are really seeds for a KDF, not keys in their own right.
Eventually we'll use CMAC, so call them AES...
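The following sketch is an added example, not CCNx code: it illustrates the idea behind computeDescendantNodeKey, where a node key acts as a KDF seed and descendant keys are derived from it with a label and the descendant's name. The HMAC-SHA256 construction, the SHA-256 key ID, the class and method names, and the node names are assumptions made for illustration; only the 16-byte length and the "NodeKey" label come from this page.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

public class NodeKeyDerivationSketch {
    static final int SEED_LENGTH = 16;      // DEFAULT_NODE_KEY_LENGTH on this page
    static final String LABEL = "NodeKey";  // DEFAULT_KEY_LABEL on this page

    // Stand-in KDF (assumption, not the CCNx KDF):
    // HMAC-SHA256(seed, label || 0x00 || descendantName), truncated to the seed length.
    // HMAC is one-way, so a descendant key does not reveal the ancestor seed.
    static byte[] deriveDescendant(byte[] seed, String label, String descendantName)
            throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(seed, "HmacSHA256"));
        mac.update(label.getBytes(StandardCharsets.UTF_8));
        mac.update((byte) 0); // separator so distinct (label, name) pairs cannot collide
        mac.update(descendantName.getBytes(StandardCharsets.UTF_8));
        return Arrays.copyOf(mac.doFinal(), SEED_LENGTH);
    }

    // Stand-in key ID (assumption): SHA-256 digest of the key bytes.
    static byte[] keyId(byte[] key) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(key);
    }

    public static void main(String[] args) throws Exception {
        byte[] ancestorSeed = new byte[SEED_LENGTH];
        new SecureRandom().nextBytes(ancestorSeed);

        // Constructed node names, for illustration only.
        byte[] docs = deriveDescendant(ancestorSeed, LABEL, "/example/docs");
        byte[] docsAgain = deriveDescendant(ancestorSeed, LABEL, "/example/docs");
        byte[] photos = deriveDescendant(ancestorSeed, LABEL, "/example/photos");

        // Deterministic: any holder of the ancestor seed recomputes the same key.
        System.out.println("same node, same key: " + Arrays.equals(docs, docsAgain));
        // Domain-separated by name: sibling nodes get different keys.
        System.out.println("siblings differ:     " + !Arrays.equals(docs, photos));
        // The protected constructor on this page stores the ancestor key's digest
        // with a derived key; here that digest is computed with the stand-in keyId.
        System.out.println("ancestor key ID length: " + keyId(ancestorSeed).length);
    }
}
```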