Cumulus4j API
(1.1.0)

org.cumulus4j.keymanager.back.shared
Class GetKeyRequest

java.lang.Object
  extended by org.cumulus4j.keymanager.back.shared.Message
      extended by org.cumulus4j.keymanager.back.shared.Request
          extended by org.cumulus4j.keymanager.back.shared.GetKeyRequest
All Implemented Interfaces:
Serializable

public class GetKeyRequest
extends Request

Request implementation to get a specific symmetric secret key.

In order to prevent an attacker dumping an app-server's memory from gaining access to all the data, Cumulus4j uses many different keys for encryption. Usually, it rotates the encryption key once per day, but different settings are possible (e.g. once per hour for the very paranoid).

Which key was used to encrypt which record is stored together with the record in the keyID. Whenever a record (data or index) needs to be decrypted, the corresponding key is requested from the key-manager via this request.

Author:
Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de
See Also:
GetKeyResponse, Serialized Form

Constructor Summary
GetKeyRequest()
          Create an empty instance of GetKeyRequest.
GetKeyRequest(String cryptoSessionID, long keyID, String keyEncryptionTransformation, byte[] keyEncryptionPublicKey)
          Create an instance of GetKeyRequest for asking the key-manager about a certain symmetric secret key.
 
Method Summary
 byte[] getKeyEncryptionPublicKey()
          Get the public key to be used to encrypt the symmetric secret key.
 String getKeyEncryptionTransformation()
           Get the asymmetric encryption algorithm to be used to encrypt the symmetric secret key.
 long getKeyID()
          Get the identifier of the requested symmetric secret key.
 void setKeyEncryptionPublicKey(byte[] keyEncryptionPublicKey)
          Set the public key to be used to encrypt the symmetric secret key.
 void setKeyEncryptionTransformation(String keyEncryptionTransformation)
          Set the asymmetric encryption algorithm to be used when encrypting the symmetric secret key.
 void setKeyID(long keyID)
          Set the identifier of the requested symmetric secret key.
 
Methods inherited from class org.cumulus4j.keymanager.back.shared.Request
getCryptoSessionID, getCryptoSessionIDPrefix, setCryptoSessionID, toString
 
Methods inherited from class org.cumulus4j.keymanager.back.shared.Message
equals, getRequestID, hashCode, setRequestID
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

GetKeyRequest

public GetKeyRequest()
Create an empty instance of GetKeyRequest. Only used for serialisation/deserialisation.


GetKeyRequest

public GetKeyRequest(String cryptoSessionID,
                     long keyID,
                     String keyEncryptionTransformation,
                     byte[] keyEncryptionPublicKey)
Create an instance of GetKeyRequest for asking the key-manager about a certain symmetric secret key.

Parameters:
cryptoSessionID - the identifier of the crypto-session in which the request should be processed. It must exist and be unlocked for this request to succeed.
keyID - the identifier of the key requested by the app-server.
keyEncryptionTransformation - the asymmetric encryption algorithm (with padding) that should be used by the key-manager to encrypt the symmetric secret key, before sending it to the app-server. For example "RSA//OAEPWITHSHA1ANDMGF1PADDING".
keyEncryptionPublicKey - the public key to be used by the key-manager to encrypt the key when sending it back to the app-server.
Method Detail

getKeyID

public long getKeyID()
Get the identifier of the requested symmetric secret key.

Returns:
the identifier of the requested symmetric secret key.
See Also:
setKeyID(long)

setKeyID

public void setKeyID(long keyID)
Set the identifier of the requested symmetric secret key.

Parameters:
keyID - the identifier of the requested symmetric secret key.
See Also:
getKeyID()

getKeyEncryptionTransformation

public String getKeyEncryptionTransformation()

Get the asymmetric encryption algorithm to be used to encrypt the symmetric secret key.

The key-manager uses this transformation (which should include a padding, e.g. "RSA//OAEPWITHSHA1ANDMGF1PADDING") to obtain a Cipher for encrypting the secret key before sending it to the app-server.

Returns:
the asymmetric encryption algorithm to be used when encrypting the symmetric secret key.
See Also:
setKeyEncryptionTransformation(String)

setKeyEncryptionTransformation

public void setKeyEncryptionTransformation(String keyEncryptionTransformation)
Set the asymmetric encryption algorithm to be used when encrypting the symmetric secret key.

Parameters:
keyEncryptionTransformation - the asymmetric encryption algorithm to be used when encrypting the symmetric secret key.
See Also:
getKeyEncryptionTransformation()

getKeyEncryptionPublicKey

public byte[] getKeyEncryptionPublicKey()
Get the public key to be used to encrypt the symmetric secret key.

Returns:
the public key to be used to encrypt the symmetric secret key.

setKeyEncryptionPublicKey

public void setKeyEncryptionPublicKey(byte[] keyEncryptionPublicKey)
Set the public key to be used to encrypt the symmetric secret key.

Parameters:
keyEncryptionPublicKey - the public key to be used to encrypt the symmetric secret key.

Cumulus4j API
(1.1.0)

Copyright © 2013 NightLabs Consulting GmbH. All Rights Reserved.