VaultManager (security 1.0 API)

java.lang.Object
- net.e6tech.elements.security.vault.VaultManager

public class VaultManager
extends java.lang.Object

Created by futeh.

Field Summary

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`DATA_VAULT`
`static java.lang.String`	`KEY_VAULT`
`static java.lang.String`	`LOCAL_VAULT`
`static java.lang.String`	`USER_VAULT`

Constructor Summary

Constructors
Constructor and Description

VaultManager()

Constructors
Constructor and Description
`VaultManager()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`byte[]`	`_decrypt(java.lang.String encoded)`
`void`	`addKeyPair(java.lang.String alias, DualEntry dualEntry)` Adding a public private key.
`void`	`addSecretData(java.lang.String alias, ClearText ct, DualEntry dualEntry)` Adding secret to the data vault.
`void`	`addUser(Credential newUser, Credential existingUser)`
`java.lang.String`	`authorize(Credential credential)`
`void`	`changePassphrase(DualEntry dualEntry)` Change secret password.
`void`	`changePassword(java.lang.String user, char[] oldPwd, char[] newPwd)`
`void`	`close()`
`byte[]`	`decrypt(java.lang.String token, java.lang.String secret)`
`byte[]`	`decrypt(java.lang.String token, java.lang.String key, java.lang.String secret, java.lang.String iv)`
`byte[]`	`decryptPrivate(java.lang.String secret)`
`java.lang.String`	`encrypt(java.lang.String token, java.lang.String key, byte[] data, java.lang.String iv)`
`java.lang.String`	`encryptPublic(byte[] data)`
`java.lang.String`	`generateKey(DualEntry dualEntry)`
`AsymmetricCipher`	`getAsymmetricCipher()`
`long`	`getAuthorizationDuration()`
`VaultStore`	`getKeyDataStore()`
`java.security.spec.RSAPublicKeySpec`	`getPublicKey()`
`ClearText`	`getSecretData(Credential credential, java.lang.String alias)`
`ClearText`	`getSecretData(Credential credential, java.lang.String alias, java.lang.String version)`
`ClearText`	`getSecretData(java.lang.String token, java.lang.String alias)`
`ClearText`	`getSecretData(java.lang.String token, java.lang.String alias, java.lang.String version)`
`SymmetricCipher`	`getSymmetricCipher()`
`VaultStore`	`getUserLocalStore()`
`void`	`newMasterKey(DualEntry dualEntry)`
`void`	`open(DualEntry dualEntry)`
`void`	`passphraseLock(java.lang.String alias, ClearText ct, DualEntry dualEntry)`
`ClearText`	`passphraseUnlock(java.lang.String alias, Credential credential)`
`ClearText`	`passphraseUnlock(java.lang.String token, java.lang.String alias)`
`java.lang.String`	`renew(java.lang.String token)`
`void`	`save()`
`void`	`setAuthorizationDuration(long authorizationDuration)`
`void`	`setKeyDataStore(VaultStore keyDataStore)`
`void`	`setUserLocalStore(VaultStore userLocalStore)`
`boolean`	`validateUser(java.lang.String user, char[] password)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

KEY_VAULT

public static final java.lang.String KEY_VAULT

See Also:: Constant Field Values

USER_VAULT

public static final java.lang.String USER_VAULT

See Also:: Constant Field Values

DATA_VAULT

public static final java.lang.String DATA_VAULT

See Also:: Constant Field Values

LOCAL_VAULT

public static final java.lang.String LOCAL_VAULT

See Also:: Constant Field Values

Constructor Detail
- VaultManager
```
public VaultManager()
```

Method Detail

getAuthorizationDuration

public long getAuthorizationDuration()

setAuthorizationDuration

public void setAuthorizationDuration(long authorizationDuration)

getKeyDataStore
```
public VaultStore getKeyDataStore()
```

setKeyDataStore

public void setKeyDataStore(VaultStore keyDataStore)

getUserLocalStore
```
public VaultStore getUserLocalStore()
```

setUserLocalStore

public void setUserLocalStore(VaultStore userLocalStore)

getSymmetricCipher

public SymmetricCipher getSymmetricCipher()

getAsymmetricCipher

public AsymmetricCipher getAsymmetricCipher()

getPublicKey

public java.security.spec.RSAPublicKeySpec getPublicKey()
                                                 throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

validateUser

public boolean validateUser(java.lang.String user,
                            char[] password)

authorize

public java.lang.String authorize(Credential credential)
                           throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

renew

public java.lang.String renew(java.lang.String token)
                       throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

addKeyPair
```
public void addKeyPair(java.lang.String alias,
                       DualEntry dualEntry)
                throws java.security.GeneralSecurityException
```
Adding a public private key. The key is treated as if it is regular data and store in the data vault. As always, data vault items are encrypted with m-key

Parameters:

alias - alias of the key

dualEntry - dual entry containing authentication info for two users.

Throws:

java.security.GeneralSecurityException - general exception

addSecretData

public void addSecretData(java.lang.String alias,
                          ClearText ct,
                          DualEntry dualEntry)
                   throws java.security.GeneralSecurityException

Adding secret to the data vault. It will be encrypted by m-key when stored.

Parameters:: alias - alias of the secret data; dualEntry - dual entry containing authentication info for two users.
Throws:: java.security.GeneralSecurityException - general exception

getSecretData

public ClearText getSecretData(java.lang.String token,
                               java.lang.String alias)
                        throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

getSecretData

public ClearText getSecretData(java.lang.String token,
                               java.lang.String alias,
                               java.lang.String version)
                        throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

getSecretData

public ClearText getSecretData(Credential credential,
                               java.lang.String alias)
                        throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

getSecretData

public ClearText getSecretData(Credential credential,
                               java.lang.String alias,
                               java.lang.String version)
                        throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

generateKey

public java.lang.String generateKey(DualEntry dualEntry)
                             throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

encrypt

public java.lang.String encrypt(java.lang.String token,
                                java.lang.String key,
                                byte[] data,
                                java.lang.String iv)
                         throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

decrypt

public byte[] decrypt(java.lang.String token,
                      java.lang.String key,
                      java.lang.String secret,
                      java.lang.String iv)
               throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

decrypt

public byte[] decrypt(java.lang.String token,
                      java.lang.String secret)
               throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

encryptPublic

public java.lang.String encryptPublic(byte[] data)
                               throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

decryptPrivate

public byte[] decryptPrivate(java.lang.String secret)
                      throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

addUser

public void addUser(Credential newUser,
                    Credential existingUser)
             throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

changePassword

public void changePassword(java.lang.String user,
                           char[] oldPwd,
                           char[] newPwd)
                    throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

passphraseLock

public void passphraseLock(java.lang.String alias,
                           ClearText ct,
                           DualEntry dualEntry)
                    throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

passphraseUnlock

public ClearText passphraseUnlock(java.lang.String alias,
                                  Credential credential)
                           throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

passphraseUnlock

public ClearText passphraseUnlock(java.lang.String token,
                                  java.lang.String alias)
                           throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

newMasterKey

public void newMasterKey(DualEntry dualEntry)
                  throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

changePassphrase
```
public void changePassphrase(DualEntry dualEntry)
                      throws java.security.GeneralSecurityException,
                             java.io.IOException
```
Change secret password. We need to take the following steps: 1. check user access. 2. generate new components for user 1 and 2. 3. remove all other users 4. re-encrypt everything in local vault 5. re-encrypt keys in the database. We need to iterate through all version for each alias.

Parameters:

dualEntry - dual entry containing authentication info for two users.

Throws:

java.security.GeneralSecurityException

java.io.IOException

_decrypt

public byte[] _decrypt(java.lang.String encoded)
                throws java.security.GeneralSecurityException

Throws:: java.security.GeneralSecurityException

save

public void save()
          throws java.io.IOException

Throws:: java.io.IOException

close

public void close()
           throws java.io.IOException

Throws:: java.io.IOException

open

public void open(DualEntry dualEntry)
          throws java.security.GeneralSecurityException,
                 java.io.IOException

Throws:: java.security.GeneralSecurityException; java.io.IOException

Class VaultManager

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

KEY_VAULT

USER_VAULT

DATA_VAULT

LOCAL_VAULT

Constructor Detail

VaultManager

Method Detail

getAuthorizationDuration

setAuthorizationDuration

getKeyDataStore

setKeyDataStore

getUserLocalStore

setUserLocalStore

getSymmetricCipher

getAsymmetricCipher

getPublicKey

validateUser

authorize

renew

addKeyPair

addSecretData

getSecretData

getSecretData

getSecretData

getSecretData

generateKey

encrypt

decrypt

decrypt

encryptPublic

decryptPrivate

addUser

changePassword

passphraseLock

passphraseUnlock

passphraseUnlock

newMasterKey

changePassphrase

_decrypt

save

close

open