path: root/pki/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java
// --- BEGIN COPYRIGHT BLOCK ---
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; version 2 of the License.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License along
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
// (C) 2007 Red Hat, Inc.
// All rights reserved.
// --- END COPYRIGHT BLOCK ---
package com.netscape.certsrv.security;


import java.util.*;
import java.io.*;
import java.net.*;
import java.security.*;
import java.security.cert.X509Certificate;
import netscape.security.x509.*;
import netscape.security.util.*;
import com.netscape.certsrv.base.*;
import org.mozilla.jss.crypto.PrivateKey;


/**
 * An interface that represents an encryption unit.
 *
 * @version $Revision$, $Date$
 */
public interface IEncryptionUnit extends IToken {

    /**
     * Returns the public key held by this unit.
     *
     * @return public key
     */
    PublicKey getPublicKey();

    /**
     * Wraps the given private key with the key held by this unit.
     *
     * <p>NOTE(review): the original documentation states that the key is
     * wrapped "by the private key in this unit". Key wrapping is normally
     * done with a public or symmetric key, so confirm against the
     * implementation which key is actually used.
     *
     * @param priKey private key to be wrapped
     * @return wrapped data
     * @exception EBaseException failed to wrap
     */
    byte[] wrap(PrivateKey priKey) throws EBaseException;

    /**
     * Verifies the given key pair.
     *
     * @param publicKey public key
     * @param privateKey private key
     * @exception EBaseException declared by the signature; presumably
     *     raised when the two keys do not form a pair (confirm against
     *     the implementation)
     */
    void verify(PublicKey publicKey, PrivateKey privateKey)
            throws EBaseException;

    /**
     * Unwraps data. Rebuilds the private key object by unwrapping the
     * private key data with the supplied session key.
     *
     * @param sessionKey session key that unwraps the private key
     * @param symmAlgOID symmetric algorithm
     * @param symmAlgParams symmetric algorithm parameters
     * @param privateKey private key data
     * @param pubKey public key
     * @return private key object
     * @exception EBaseException failed to unwrap
     */
    PrivateKey unwrap(
            byte[] sessionKey,
            String symmAlgOID,
            byte[] symmAlgParams,
            byte[] privateKey,
            PublicKey pubKey)
            throws EBaseException;

    /**
     * Unwraps data. Rebuilds the private key object by unwrapping the
     * private key data.
     *
     * @param privateKey private key data
     * @param pubKey public key object
     * @return private key object
     * @exception EBaseException failed to unwrap
     */
    PrivateKey unwrap(byte[] privateKey, PublicKey pubKey)
            throws EBaseException;

    /**
     * Encrypts a private key for the KRA's internal storage.
     *
     * <p>The argument is plaintext key material on the Java heap; callers
     * should keep its lifetime short and clear the array once it is no
     * longer needed.
     *
     * @param rawPrivate user's private key (key to be archived)
     * @return encrypted data
     * @exception EBaseException failed to encrypt
     */
    byte[] encryptInternalPrivate(byte[] rawPrivate) throws EBaseException;

    /**
     * Decrypts a private key taken from the KRA's internal storage.
     *
     * <p>The result is plaintext key material on the Java heap; callers
     * should keep its lifetime short, clear the array after use, and keep
     * it out of logs and exception messages.
     *
     * @param wrappedPrivateData wrapped private key data (key to be
     *     recovered)
     * @return raw private key
     * @exception EBaseException failed to decrypt
     */
    byte[] decryptInternalPrivate(byte[] wrappedPrivateData)
            throws EBaseException;

    /**
     * Decrypts an external private key (a private key received from the
     * end-user).
     *
     * <p>The returned bytes are described only as "private key data";
     * treat them as sensitive key material and clear the array after use.
     *
     * @param sessionKey session key that protects the user's private key
     * @param symmAlgOID symmetric algorithm
     * @param symmAlgParams symmetric algorithm parameters
     * @param privateKey private key data
     * @return private key data
     * @exception EBaseException failed to decrypt
     */
    byte[] decryptExternalPrivate(
            byte[] sessionKey,
            String symmAlgOID,
            byte[] symmAlgParams,
            byte[] privateKey)
            throws EBaseException;
}