org.ccnx.ccn.impl.security.keys.SecureKeyCache Class Reference

A container for our private keys and other secret key material that we have retrieved (e.g. More...

Inherits java::io::Serializable.

List of all members.

Public Member Functions

 SecureKeyCache (KeyManager keyManagerToLoadFrom)
 Constructor that loads keys from a KeyManager.
void loadKeyStore (KeyStoreInfo keyStoreInfo, char[] password, PublicKeyCache publicKeyCache) throws KeyStoreException
 Load the private keys from a KeyStore.
Key getKey (byte[] desiredKeyIdentifier)
 Retrieve a key specified by its digest To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code.
Key getKey (ContentName desiredKeyName)
 Retrieve a key specified by its name.
Key getKey (ContentName desiredKeyName, byte[] desiredKeyID)
 Try both in one call.
boolean containsKey (byte[] keyIdentifier)
 Checks whether we have a record of a key specified by its digest, or in the case of a private key, the digest of the corresponding public key.
boolean containsKey (ContentName keyName)
 As the map from name to content is not unique, this might not give you a definite answer, and you should still check the digest.
byte[] getKeyID (ContentName versionedName)
 Get the key ID associated with a name, if we have one.
PrivateKey getPrivateKey (byte[] desiredPublicKeyIdentifier)
 Returns the private key corresponding to a public key specified by its digest.
PrivateKey getPrivateKey (ContentName desiredKeyName)
PrivateKey[] getPrivateKeys ()
 Returns all private keys in cache, loaded from keystore or picked up during operation.
PrivateKey[] getMyPrivateKeys ()
synchronized void addPrivateKey (ContentName keyName, byte[] publicKeyIdentifier, PrivateKey pk)
 Records a private key and the name and digest of the corresponding public key.
synchronized void addMyPrivateKey (byte[] publicKeyIdentifier, PrivateKey pk)
 Records one of my private keys and the digest of the corresponding public key.
synchronized void addKey (ContentName name, Key key)
 Make a record of a key by its name and digest.
PublisherPublicKeyDigest getPublicKeyIdentifier (PrivateKey pk)
int size ()
 Return a total count of keys in this cache.
synchronized void merge (SecureKeyCache cache)
 Merges the SecureKeyCache with a given SecureKeyCache.
void printContents ()
 Debugging utility to print the contents of the secureKeyCache.
boolean validateForWriting ()
 Make sure everything in here is Serializable.

Static Public Member Functions

static byte[] getKeyIdentifier (Key key)
 Returns the digest of a specified key.

Static Package Attributes

static Comparator< byte[]> byteArrayComparator = new ByteArrayCompare()


Detailed Description

A container for our private keys and other secret key material that we have retrieved (e.g.

from access control).

TODO: finish mechanism that saves the key cache between runs.


Constructor & Destructor Documentation

org.ccnx.ccn.impl.security.keys.SecureKeyCache.SecureKeyCache ( KeyManager  keyManagerToLoadFrom  ) 

Constructor that loads keys from a KeyManager.

Parameters:
keyManagerToLoadFrom the key manager TODO bug -- should merge key caches, not just load signing keys.


Member Function Documentation

void org.ccnx.ccn.impl.security.keys.SecureKeyCache.loadKeyStore ( KeyStoreInfo  keyStoreInfo,
char[]  password,
PublicKeyCache  publicKeyCache 
) throws KeyStoreException

Load the private keys from a KeyStore.

Parameters:
keystore 
Exceptions:
KeyStoreException 

Key org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKey ( byte[]  desiredKeyIdentifier  ) 

Retrieve a key specified by its digest To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code.

Parameters:
desiredKeyIdentifier the digest
Returns:
the key

boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.containsKey ( byte[]  keyIdentifier  ) 

Checks whether we have a record of a key specified by its digest, or in the case of a private key, the digest of the corresponding public key.

Parameters:
keyIdentifier the key digest.
Returns:

boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.containsKey ( ContentName  keyName  ) 

As the map from name to content is not unique, this might not give you a definite answer, and you should still check the digest.

Parameters:
keyName 
Returns:

byte [] org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKeyID ( ContentName  versionedName  ) 

Get the key ID associated with a name, if we have one.

Currently store keys under versioned names -- might be nice to effectively search over versions of a key... This can be used to look up the key, allowing the caller to be sure they have the right key.

PrivateKey org.ccnx.ccn.impl.security.keys.SecureKeyCache.getPrivateKey ( byte[]  desiredPublicKeyIdentifier  ) 

Returns the private key corresponding to a public key specified by its digest.

To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code.

Parameters:
desiredPublicKeyIdentifier the digest of the public key.
Returns:
the corresponding private key.

synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addPrivateKey ( ContentName  keyName,
byte[]  publicKeyIdentifier,
PrivateKey  pk 
)

Records a private key and the name and digest of the corresponding public key.

Parameters:
keyName a name under which to look up the private key
publicKeyIdentifier the digest of the public key
pk the private key

synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addMyPrivateKey ( byte[]  publicKeyIdentifier,
PrivateKey  pk 
)

Records one of my private keys and the digest of the corresponding public key.

Parameters:
publicKeyIdentifier the digest of the public key.
pk the corresponding private key.

synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addKey ( ContentName  name,
Key  key 
)

Make a record of a key by its name and digest.

Parameters:
name the name of the key.
key the key.

static byte [] org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKeyIdentifier ( Key  key  )  [static]

Returns the digest of a specified key.

Parameters:
key the key.
Returns:
the digest.

int org.ccnx.ccn.impl.security.keys.SecureKeyCache.size (  ) 

Return a total count of keys in this cache.

Returns:

synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.merge ( SecureKeyCache  cache  ) 

Merges the SecureKeyCache with a given SecureKeyCache.

The original SecureKeyCache dominates, i.e. the merged cache will contain the names in the original cache if there are any conflicts

Parameters:
cache the SecureKeyCache to merge with

_keyMap.putAll(cache._keyMap); _myKeyMap.putAll(cache._myKeyMap); _privateKeyMap.putAll(cache._privateKeyMap); _privateKeyIdentifierMap.putAll(cache._privateKeyIdentifierMap);

Collection<byte[]> digests = cache._nameKeyMap.values(); Iterator<byte[]> it = digests.iterator(); while (it.hasNext()) {

if (this._nameKeyMap.containsValue(it.next())) { it.remove(); } }

_nameKeyMap.putAll(cache._nameKeyMap);

boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.validateForWriting (  ) 

Make sure everything in here is Serializable.

Returns:


The documentation for this class was generated from the following file:

Generated on Thu Feb 16 00:45:00 2012 for Content-Centric Networking in Java by  doxygen 1.5.6