Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java')
-rw-r--r-- | pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java | 131 |
1 files changed, 71 insertions, 60 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java b/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
index 257232a47..b268073e0 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
@@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.kra; + import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector;
@@ -37,11 +38,13 @@ import com.netscape.certsrv.security.Credential; import com.netscape.certsrv.security.IStorageKeyUnit; import com.netscape.certsrv.security.ITransportKeyUnit; + /** - * An interface represents key recovery authority. The key recovery authority is - * responsibile for archiving and recovering user encryption private keys. + * An interface represents key recovery authority. The + * key recovery authority is responsibile for archiving + * and recovering user encryption private keys. * <P> - * + * * @version $Revision$, $Date$ */ public interface IKeyRecoveryAuthority extends ISubsystem {
@@ -68,7 +71,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Returns the name of this subsystem. * <P> - * + * * @return KRA name */ public X500Name getX500Name();
@@ -76,28 +79,30 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Retrieves KRA request repository. * <P> - * + * * @return request repository */ public IRequestQueue getRequestQueue(); /** - * Retrieves the key repository. The key repository stores archived keys. + * Retrieves the key repository. The key repository + * stores archived keys. * <P> */ public IKeyRepository getKeyRepository(); /** * Retrieves the Replica ID repository. - * + * * @return KRA's Replica ID repository */ public IReplicaIDRepository getReplicaRepository(); /** - * Enables the auto recovery state. Once KRA is in the auto recovery state, - * no recovery agents need to be present for providing credentials. This - * feature is for enabling user-based recovery operation. + * Enables the auto recovery state. Once KRA is in the auto + * recovery state, no recovery agents need to be present for + * providing credentials. This feature is for enabling + * user-based recovery operation. * <p> * * @param cs list of agent credentials
@@ -108,16 +113,17 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Returns the current auto recovery state. - * + * * @return true if auto recvoery state is on */ public boolean getAutoRecoveryState(); /** - * Adds credentials to the given authorizated recovery operation. In - * distributed recovery mode, recovery agent login to the agent interface - * and submit its credential for a particular recovery operation. - * + * Adds credentials to the given authorizated recovery operation. + * In distributed recovery mode, recovery agent login to the + * agent interface and submit its credential for a particular + * recovery operation. + * * @param id authorization identifier * @param creds list of credentials */
@@ -125,129 +131,131 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Removes a particular auto recovery operation. - * + * * @param id authorization identifier */ public void removeAutoRecovery(String id); /** - * Returns the number of required agents. In M-out-of-N recovery schema, - * only M agents are required even there are N agents. This method returns - * M. - * + * Returns the number of required agents. In M-out-of-N + * recovery schema, only M agents are required even there + * are N agents. This method returns M. + * * @return number of required agents */ public int getNoOfRequiredAgents() throws EBaseException; /** * Sets the number of required recovery agents - * + * * @param number number of agents */ public void setNoOfRequiredAgents(int number) throws EBaseException; /** * Returns the current recovery identifier. - * + * * @return recovery identifier */ public String getRecoveryID(); /** * Returns a list of recovery identifiers. - * + * * @return list of auto recovery identifiers */ public Enumeration getAutoRecoveryIDs(); /** - * Returns the storage key unit that manages the stoarge key. - * + * Returns the storage key unit that manages the + * stoarge key. + * * @return storage key unit */ public IStorageKeyUnit getStorageKeyUnit(); /** - * Returns the transport key unit that manages the transport key. - * + * Returns the transport key unit that manages the + * transport key. 
+ * * @return transport key unit */ public ITransportKeyUnit getTransportKeyUnit(); /** - * Returns the token that generates user key pairs for supporting - * server-side keygen - * + * Returns the token that generates user key pairs for supporting server-side keygen + * * @return keygen token */ public CryptoToken getKeygenToken(); /** * Adds entropy to the token used for supporting server-side keygen - * Parameters are set in the config file - * - * @param logflag create log messages at info level to report entropy - * shortage + * Parameters are set in the config file + * @param logflag create log messages at info level to report entropy shortage */ - public void addEntropy(boolean logflag); + public void addEntropy(boolean logflag); + /** - * Returns the request listener that listens on the request completion - * event. - * + * Returns the request listener that listens on + * the request completion event. + * * @return request listener */ public IRequestListener getRequestInQListener(); /** - * Returns policy processor of the key recovery authority. - * + * Returns policy processor of the key recovery + * authority. + * * @return policy processor */ public IPolicyProcessor getPolicyProcessor(); /** * Returns the nickname of the transport certificate. - * + * * @return transport certificate nickname. */ public String getNickname(); /** * Sets the nickname of the transport certificate. - * + * * @param str nickname */ public void setNickname(String str); /** * Returns the new nickname of the transport certifiate. - * + * * @return new nickname */ public String getNewNickName() throws EBaseException; /** * Sets the new nickname of the transport certifiate. - * + * * @param name new nickname */ public void setNewNickName(String name); /** * Logs event into key recovery authority logging. 
- * + * @param level log level * @param msg log message */ public void log(int level, String msg); /** - * Creates a request object to store attributes that will not be serialized. - * Currently, request queue framework will try to serialize all the - * attribute into persistent storage. Things like passwords are not + * Creates a request object to store attributes that + * will not be serialized. Currently, request queue + * framework will try to serialize all the attribute into + * persistent storage. Things like passwords are not * desirable to be stored. - * + * * @param id request id * @return volatile requests */
@@ -255,7 +263,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Retrieves the request object. - * + * * @param id request id * @return volatile requests */
@@ -263,30 +271,32 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Destroys the request object. - * + * * @param id request id */ public void destroyVolatileRequest(RequestId id); - public Vector getAppAgents(String recoveryID) throws EBaseException; + public Vector getAppAgents( + String recoveryID) throws EBaseException; /** * Creates error for a specific recovery operation. - * + * * @param recoveryID recovery id * @param error error * @exception EBaseException failed to create error */ public void createError(String recoveryID, String error) - throws EBaseException; + throws EBaseException; /** * Retrieves error by recovery identifier. - * + * * @param recoveryID recovery id * @return error message */ - public String getError(String recoveryID) throws EBaseException; + public String getError(String recoveryID) + throws EBaseException; /** * Retrieves PKCS12 package by recovery identifier.
@@ -294,16 +304,17 @@ public interface IKeyRecoveryAuthority extends ISubsystem { * @param recoveryID recovery id * @return pkcs12 package in bytes */ - public byte[] getPk12(String recoveryID) throws EBaseException; + public byte[] getPk12(String recoveryID) + throws EBaseException; /** * Creates PKCS12 package in memory. - * + * * @param recoveryID recovery id * @param pk12 package in bytes - */ + */ public void createPk12(String recoveryID, byte[] pk12) - throws EBaseException; + throws EBaseException; /** * Retrieves the transport certificate. |