net.cnri.do_api

Class DOKeyRing

java.lang.Object

net.cnri.do_api.DOKeyRing

public class DOKeyRing
extends java.lang.Object

This is an interface to a set of encrypted keys that can be used to open encrypted documents in digital objects. The keys are stored in the digital object identified by the user's handle. All keys will be granted in a new data element (or attribute) named with granted_key. where is assigned by the server. The implementation consolidates the keys by adding all granted keys to the main keychain and removing all expired keys.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CIPHER_ALG_ATTRIBUTE
static java.lang.String	ELEMENT_KEY_FORMAT
static java.lang.String	GRANTED_KEY_PREFIX
static java.lang.String	KEY_ALG_ATTRIBUTE
static java.lang.String	KEY_ID_ATTRIBUTE
static java.lang.String	KEYRING_ELEMENT_ID

Constructor Summary

Constructors

Constructor and Description
DOKeyRing(java.security.PrivateKey key, DigitalObject userObj)

Method Summary

Methods

Modifier and Type	Method and Description
static java.lang.String	buildKeyGrant(java.lang.String keyRecipient, javax.crypto.SecretKey key) This will encrypt the given key using the recipient's public key and encode it into a block of text that can be emailed to an individual.
java.io.InputStream	decryptDataElement(DataElement element) If the given data element is encrypted, check our keychain for a key that will decrypt it and use that key to return an InputStream from which the unencrypted data element bytes can be returned.
java.io.InputStream	decryptDataElementUsingKey(int i, java.lang.String keyID, java.lang.String algorithm, DataElement element)
javax.crypto.SecretKey	generateEncryptionKey() Create and return a SecretKey suitable for object encryption
static void	grantKeyTo(DigitalObject granteeUserObject, javax.crypto.SecretKey key) Encrypt and add the given secret key, which was used to encrypt an object, to the given recipient's keychain.
void	loadKeys() Loads the user's keychain from their digital object, consolidating any granted keys into the main keyring
long	writeEncryptedElement(DataElement element, javax.crypto.SecretKey secKey, java.io.InputStream source) Encrypts and writes the data from the given source to the DataElement using the secret key to encrypt the data while recording the key identifier in the data element's attributes.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

KEYRING_ELEMENT_ID

public static final java.lang.String KEYRING_ELEMENT_ID

See Also:

Constant Field Values

GRANTED_KEY_PREFIX

public static final java.lang.String GRANTED_KEY_PREFIX

See Also:

Constant Field Values

KEY_ID_ATTRIBUTE

public static final java.lang.String KEY_ID_ATTRIBUTE

See Also:

Constant Field Values

KEY_ALG_ATTRIBUTE

public static final java.lang.String KEY_ALG_ATTRIBUTE

See Also:

Constant Field Values

CIPHER_ALG_ATTRIBUTE

public static final java.lang.String CIPHER_ALG_ATTRIBUTE

See Also:

Constant Field Values

ELEMENT_KEY_FORMAT

public static final java.lang.String ELEMENT_KEY_FORMAT

See Also:

Constant Field Values

Constructor Detail

DOKeyRing

public DOKeyRing(java.security.PrivateKey key,
         DigitalObject userObj)
          throws java.lang.Exception

Throws:

java.lang.Exception

Method Detail

loadKeys

public void loadKeys()
              throws java.lang.Exception

Loads the user's keychain from their digital object, consolidating any granted keys into the main keyring

Throws:

java.lang.Exception

grantKeyTo

public static void grantKeyTo(DigitalObject granteeUserObject,
              javax.crypto.SecretKey key)
                       throws java.lang.Exception

Encrypt and add the given secret key, which was used to encrypt an object, to the given recipient's keychain. The key will be encrypted using the given entity's public key and then deposited in their keychain.

Throws:

java.lang.Exception

buildKeyGrant

public static java.lang.String buildKeyGrant(java.lang.String keyRecipient,
                             javax.crypto.SecretKey key)
                                      throws java.lang.Exception

This will encrypt the given key using the recipient's public key and encode it into a block of text that can be emailed to an individual.

Throws:

java.lang.Exception

generateEncryptionKey

public javax.crypto.SecretKey generateEncryptionKey()
                                             throws java.security.spec.InvalidKeySpecException

Create and return a SecretKey suitable for object encryption

Throws:

java.security.spec.InvalidKeySpecException

decryptDataElementUsingKey

public java.io.InputStream decryptDataElementUsingKey(int i,
                                             java.lang.String keyID,
                                             java.lang.String algorithm,
                                             DataElement element)

decryptDataElement

public java.io.InputStream decryptDataElement(DataElement element)
                                       throws java.lang.Exception

If the given data element is encrypted, check our keychain for a key that will decrypt it and use that key to return an InputStream from which the unencrypted data element bytes can be returned.

Throws:

java.lang.Exception

writeEncryptedElement

public long writeEncryptedElement(DataElement element,
                         javax.crypto.SecretKey secKey,
                         java.io.InputStream source)
                           throws java.lang.Exception

Encrypts and writes the data from the given source to the DataElement using the secret key to encrypt the data while recording the key identifier in the data element's attributes.

Throws:

java.lang.Exception