Cumulus4j API
(1.1.0)

org.cumulus4j.keymanager.back.shared
Class GetActiveEncryptionKeyRequest

java.lang.Object
  extended by org.cumulus4j.keymanager.back.shared.Message
      extended by org.cumulus4j.keymanager.back.shared.Request
          extended by org.cumulus4j.keymanager.back.shared.GetActiveEncryptionKeyRequest
All Implemented Interfaces:
Serializable

public class GetActiveEncryptionKeyRequest
extends Request

Request implementation to get the currently active encryption key.

In order to prevent an attacker dumping an app-server's memory from gaining access to all the data, Cumulus4j uses many different keys for encryption. Usually, it rotates the encryption key once per day, but different settings are possible (e.g. once per hour for the very paranoid).

Author:
Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de
See Also:
GetActiveEncryptionKeyResponse, Serialized Form

Constructor Summary
GetActiveEncryptionKeyRequest()
          Create an empty instance of GetActiveEncryptionKeyRequest.
GetActiveEncryptionKeyRequest(String cryptoSessionID, String keyEncryptionTransformation, byte[] keyEncryptionPublicKey)
          Create an instance of GetActiveEncryptionKeyRequest for asking the key-manager about the currently active encryption key.
 
Method Summary
 byte[] getKeyEncryptionPublicKey()
          Get the public key to be used to encrypt the symmetric secret key.
 String getKeyEncryptionTransformation()
           Get the asymmetric encryption algorithm to be used to encrypt the symmetric secret key.
 Date getTimestamp()
          Get the timestamp which the active encryption key should be determined for.
 void setKeyEncryptionPublicKey(byte[] keyEncryptionPublicKey)
          Set the public key to be used to encrypt the symmetric secret key.
 void setKeyEncryptionTransformation(String keyEncryptionTransformation)
          Set the asymmetric encryption algorithm to be used when encrypting the symmetric secret key.
 void setTimestamp(Date timestamp)
          Set the timestamp which the active encryption key should be determined for
 
Methods inherited from class org.cumulus4j.keymanager.back.shared.Request
getCryptoSessionID, getCryptoSessionIDPrefix, setCryptoSessionID, toString
 
Methods inherited from class org.cumulus4j.keymanager.back.shared.Message
equals, getRequestID, hashCode, setRequestID
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

GetActiveEncryptionKeyRequest

public GetActiveEncryptionKeyRequest()
Create an empty instance of GetActiveEncryptionKeyRequest. Only used for serialisation/deserialisation.


GetActiveEncryptionKeyRequest

public GetActiveEncryptionKeyRequest(String cryptoSessionID,
                                     String keyEncryptionTransformation,
                                     byte[] keyEncryptionPublicKey)
Create an instance of GetActiveEncryptionKeyRequest for asking the key-manager about the currently active encryption key.

Parameters:
cryptoSessionID - the identifier of the crypto-session in which the request should be processed. It must exist and be unlocked for this request to succeed.
keyEncryptionTransformation - the asymmetric encryption algorithm (with padding) that should be used by the key-manager to encrypt the symmetric secret key, before sending it to the app-server. For example "RSA//OAEPWITHSHA1ANDMGF1PADDING".
keyEncryptionPublicKey - the public key to be used by the key-manager to encrypt the key when sending it back to the app-server.
Method Detail

getTimestamp

public Date getTimestamp()
Get the timestamp which the active encryption key should be determined for. The main reason for this is to prevent problems when the key-manager's clock is incorrect by using the app-server's timestamp.

Returns:
the timestamp which the active encryption key should be determined for.

setTimestamp

public void setTimestamp(Date timestamp)
Set the timestamp which the active encryption key should be determined for

Parameters:
timestamp - the timestamp which the active encryption key should be determined for

getKeyEncryptionTransformation

public String getKeyEncryptionTransformation()

Get the asymmetric encryption algorithm to be used to encrypt the symmetric secret key.

The key-manager uses this transformation (which should include a padding, e.g. "RSA//OAEPWITHSHA1ANDMGF1PADDING") to obtain a Cipher for encrypting the secret key before sending it to the app-server.

Returns:
the asymmetric encryption algorithm to be used when encrypting the symmetric secret key.
See Also:
setKeyEncryptionTransformation(String)

setKeyEncryptionTransformation

public void setKeyEncryptionTransformation(String keyEncryptionTransformation)
Set the asymmetric encryption algorithm to be used when encrypting the symmetric secret key.

Parameters:
keyEncryptionTransformation - the asymmetric encryption algorithm to be used when encrypting the symmetric secret key.
See Also:
getKeyEncryptionTransformation()

getKeyEncryptionPublicKey

public byte[] getKeyEncryptionPublicKey()
Get the public key to be used to encrypt the symmetric secret key.

Returns:
the public key to be used to encrypt the symmetric secret key.

setKeyEncryptionPublicKey

public void setKeyEncryptionPublicKey(byte[] keyEncryptionPublicKey)
Set the public key to be used to encrypt the symmetric secret key.

Parameters:
keyEncryptionPublicKey - the public key to be used to encrypt the symmetric secret key.

Cumulus4j API
(1.1.0)

Copyright © 2013 NightLabs Consulting GmbH. All Rights Reserved.