org.ccnx.ccn.impl.security.keys.SecureKeyCache Class Reference

A container for our private keys and other secret key material that we have retrieved (e.g. More...

List of all members.

Public Member Functions

 SecureKeyCache (KeyManager keyManagerToLoadFrom)
 Constructor that loads keys from a KeyManager.
void loadKeyStore (KeyStoreInfo keyStoreInfo, char[] password, PublicKeyCache publicKeyCache) throws KeyStoreException
 Load the private keys from a KeyStore.
Key getKey (byte[] desiredKeyIdentifier)
 Retrieve a key specified by its digest To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code.
Key getKey (ContentName desiredKeyName)
 Retrieve a key specified by its name.
Key getKey (ContentName desiredKeyName, byte[] desiredKeyID)
 Try both in one call.
boolean containsKey (byte[] keyIdentifier)
 Checks whether we have a record of a key specified by its digest, or in the case of a private key, the digest of the corresponding public key.
boolean containsKey (ContentName keyName)
 As the map from name to content is not unique, this might not give you a definite answer, and you should still check the digest.
byte[] getKeyID (ContentName versionedName)
 Get the key ID associated with a name, if we have one.
PrivateKey getPrivateKey (byte[] desiredPublicKeyIdentifier)
 Returns the private key corresponding to a public key specified by its digest.
PrivateKey getPrivateKey (ContentName desiredKeyName)
PrivateKey[] getPrivateKeys ()
 Returns all private keys in cache, loaded from keystore or picked up during operation.
PrivateKey[] getMyPrivateKeys ()
synchronized void addPrivateKey (ContentName keyName, byte[] publicKeyIdentifier, PrivateKey pk)
 Records a private key and the name and digest of the corresponding public key.
synchronized void addMyPrivateKey (byte[] publicKeyIdentifier, PrivateKey pk)
 Records one of my private keys and the digest of the corresponding public key.
synchronized void addKey (ContentName name, Key key)
 Make a record of a key by its name and digest.
PublisherPublicKeyDigest getPublicKeyIdentifier (PrivateKey pk)
int size ()
 Return a total count of keys in this cache.
synchronized void merge (SecureKeyCache cache)
 Merges the SecureKeyCache with a given SecureKeyCache.
void printContents ()
 Debugging utility to print the contents of the secureKeyCache.
boolean validateForWriting ()
 Make sure everything in here is Serializable.

Static Public Member Functions

static byte[] getKeyIdentifier (Key key)
 Returns the digest of a specified key.

Static Package Attributes

static Comparator< byte[]> byteArrayComparator = new ByteArrayCompare()

Detailed Description

A container for our private keys and other secret key material that we have retrieved (e.g.

from access control).

TODO: finish mechanism that saves the key cache between runs.


Constructor & Destructor Documentation

org.ccnx.ccn.impl.security.keys.SecureKeyCache.SecureKeyCache ( KeyManager  keyManagerToLoadFrom  ) 

Constructor that loads keys from a KeyManager.

Parameters:
keyManagerToLoadFrom the key manager TODO bug -- should merge key caches, not just load signing keys.

Member Function Documentation

synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addKey ( ContentName  name,
Key  key 
)

Make a record of a key by its name and digest.

Parameters:
name the name of the key.
key the key.
synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addMyPrivateKey ( byte[]  publicKeyIdentifier,
PrivateKey  pk 
)

Records one of my private keys and the digest of the corresponding public key.

Parameters:
publicKeyIdentifier the digest of the public key.
pk the corresponding private key.
synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.addPrivateKey ( ContentName  keyName,
byte[]  publicKeyIdentifier,
PrivateKey  pk 
)

Records a private key and the name and digest of the corresponding public key.

Parameters:
keyName a name under which to look up the private key
publicKeyIdentifier the digest of the public key
pk the private key
boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.containsKey ( ContentName  keyName  ) 

As the map from name to content is not unique, this might not give you a definite answer, and you should still check the digest.

Parameters:
keyName 
Returns:
boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.containsKey ( byte[]  keyIdentifier  ) 

Checks whether we have a record of a key specified by its digest, or in the case of a private key, the digest of the corresponding public key.

Parameters:
keyIdentifier the key digest.
Returns:
Key org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKey ( byte[]  desiredKeyIdentifier  ) 

Retrieve a key specified by its digest To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code.

Parameters:
desiredKeyIdentifier the digest
Returns:
the key
byte [] org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKeyID ( ContentName  versionedName  ) 

Get the key ID associated with a name, if we have one.

Currently store keys under versioned names -- might be nice to effectively search over versions of a key... This can be used to look up the key, allowing the caller to be sure they have the right key.

static byte [] org.ccnx.ccn.impl.security.keys.SecureKeyCache.getKeyIdentifier ( Key  key  )  [static]

Returns the digest of a specified key.

Parameters:
key the key.
Returns:
the digest.
PrivateKey org.ccnx.ccn.impl.security.keys.SecureKeyCache.getPrivateKey ( byte[]  desiredPublicKeyIdentifier  ) 

Returns the private key corresponding to a public key specified by its digest.

To restrict access to keys, store key cache in a private variable, and don't allow references to it from untrusted code.

Parameters:
desiredPublicKeyIdentifier the digest of the public key.
Returns:
the corresponding private key.
void org.ccnx.ccn.impl.security.keys.SecureKeyCache.loadKeyStore ( KeyStoreInfo  keyStoreInfo,
char[]  password,
PublicKeyCache  publicKeyCache 
) throws KeyStoreException

Load the private keys from a KeyStore.

Parameters:
keystore 
Exceptions:
KeyStoreException 
synchronized void org.ccnx.ccn.impl.security.keys.SecureKeyCache.merge ( SecureKeyCache  cache  ) 

Merges the SecureKeyCache with a given SecureKeyCache.

The original SecureKeyCache dominates, i.e. the merged cache will contain the names in the original cache if there are any conflicts

Parameters:
cache the SecureKeyCache to merge with

_keyMap.putAll(cache._keyMap); _myKeyMap.putAll(cache._myKeyMap); _privateKeyMap.putAll(cache._privateKeyMap); _privateKeyIdentifierMap.putAll(cache._privateKeyIdentifierMap);

Collection<byte[]> digests = cache._nameKeyMap.values(); Iterator<byte[]> it = digests.iterator(); while (it.hasNext()) {

if (this._nameKeyMap.containsValue(it.next())) { it.remove(); } }

_nameKeyMap.putAll(cache._nameKeyMap);

int org.ccnx.ccn.impl.security.keys.SecureKeyCache.size (  ) 

Return a total count of keys in this cache.

Returns:
boolean org.ccnx.ccn.impl.security.keys.SecureKeyCache.validateForWriting (  ) 

Make sure everything in here is Serializable.

Returns:

The documentation for this class was generated from the following file:
Generated on Fri May 13 16:27:42 2011 for Content-Centric Networking in Java by  doxygen 1.6.3