issrg.SAWS
Class TCBKeystoreManagement

java.lang.Object
  extended by issrg.SAWS.TCBKeystoreManagement

public class TCBKeystoreManagement
extends java.lang.Object

Class to manage the key store.

Author:
W.Xu, E. Silva

Constructor Summary
TCBKeystoreManagement(java.lang.String signkeystoreLocation, int numOfPassShares, java.lang.String encKeystoreLocation, int numOfEncPassShares, java.lang.String rootCAPara, java.lang.String vtPKCPara, int debugLevel, java.lang.String signingAlgName)
          Creates a new instance of TCBKeystoreManagement.
TCBKeystoreManagement(java.lang.String signkeystoreLocation, int numOfPassShares, java.lang.String encKeystoreLocation, int numOfEncPassShares, java.lang.String rootCAPara, java.lang.String vtPKCPara, int debugLevel, java.lang.String signingAlgName, javax.security.auth.callback.CallbackHandler ch)
           
 
Method Summary
 void checkEncKeystoreFile()
          Checks if the encryption keystore exists.
 void checkSigningKeystoreFile()
          Checks if the signing keystore exists.
 void createEncryptionKeystore()
          Method that creates SAWS's encryption key store.
 void createSigningKeystore()
          Method that creates SAWS's signing key store.
 void exportSigningPKC()
          Method that exports the Public Key Certificate in the signing key store.
 byte[] getbaSigningPublicKeyCert()
           
 javax.crypto.spec.PBEParameterSpec getparamSpec()
           
 java.security.PublicKey getrootCAPublicKey()
           
 java.security.PrivateKey getsawsEncryptionPrivateKey()
           
 java.security.PublicKey getsawsEncryptionPublicKey()
           
 java.security.PrivateKey getsawsSigningPrivateKey()
           
 java.security.PublicKey getsawsSigningPublicKey()
           
 javax.crypto.SecretKey getsawsTCBSecretKey()
           
 java.lang.String getsigningAlgName()
           
 java.security.PublicKey getvtEncryptionPublicKey()
           
 void importRootCA()
          Method that imports the root CA certificate specified in SAWS's configuration file (saws.xml).
 void importSigningPKC()
          Method that imports the Public Key Certificate signed by a Certificate Authority to the signing key store.
 void listSigningKeystore()
          Method that lists all the certificates in the signing key store.
 void outputPKCRequest()
          Method that creates a public key certificate request file, to be signed by a Certificate Authority.
 void readKeystores()
          This method reads in the signing keypair and the encryption keypair, and generates the symmetric key used for reading and writing the lastSN and lastHash files.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

TCBKeystoreManagement

public TCBKeystoreManagement(java.lang.String signkeystoreLocation,
                             int numOfPassShares,
                             java.lang.String encKeystoreLocation,
                             int numOfEncPassShares,
                             java.lang.String rootCAPara,
                             java.lang.String vtPKCPara,
                             int debugLevel,
                             java.lang.String signingAlgName)
Creates a new instance of TCBKeystoreManagement.


TCBKeystoreManagement

public TCBKeystoreManagement(java.lang.String signkeystoreLocation,
                             int numOfPassShares,
                             java.lang.String encKeystoreLocation,
                             int numOfEncPassShares,
                             java.lang.String rootCAPara,
                             java.lang.String vtPKCPara,
                             int debugLevel,
                             java.lang.String signingAlgName,
                             javax.security.auth.callback.CallbackHandler ch)

Method Detail

checkSigningKeystoreFile

public void checkSigningKeystoreFile()
Checks if the signing keystore exists. SAWS stops if this keystore is missing.


checkEncKeystoreFile

public void checkEncKeystoreFile()
Checks if the encryption keystore exists. SAWS stops if this keystore is missing.


readKeystores

public void readKeystores()
This method reads in the signing keypair and the encryption keypair, and generates the symmetric key used for reading and writing the lastSN and lastHash files. Called by SAWSServer().


getrootCAPublicKey

public java.security.PublicKey getrootCAPublicKey()

getvtEncryptionPublicKey

public java.security.PublicKey getvtEncryptionPublicKey()

getsawsEncryptionPublicKey

public java.security.PublicKey getsawsEncryptionPublicKey()

getsawsEncryptionPrivateKey

public java.security.PrivateKey getsawsEncryptionPrivateKey()

getsawsSigningPrivateKey

public java.security.PrivateKey getsawsSigningPrivateKey()

getsawsSigningPublicKey

public java.security.PublicKey getsawsSigningPublicKey()

getbaSigningPublicKeyCert

public byte[] getbaSigningPublicKeyCert()

getsigningAlgName

public java.lang.String getsigningAlgName()

getsawsTCBSecretKey

public javax.crypto.SecretKey getsawsTCBSecretKey()

getparamSpec

public javax.crypto.spec.PBEParameterSpec getparamSpec()

outputPKCRequest

public void outputPKCRequest()
Method that creates a public key certificate request file, to be signed by a Certificate Authority.


exportSigningPKC

public void exportSigningPKC()
Method that exports the Public Key Certificate in the signing key store.


importSigningPKC

public void importSigningPKC()
Method that imports the Public Key Certificate signed by a Certificate Authority to the signing key store.


createEncryptionKeystore

public void createEncryptionKeystore()
Method that creates SAWS's encryption key store.


createSigningKeystore

public void createSigningKeystore()
Method that creates SAWS's signing key store.


importRootCA

public void importRootCA()
Method that imports the root CA certificate specified in SAWS's configuration file (saws.xml).


listSigningKeystore

public void listSigningKeystore()
Method that lists all the certificates in the signing key store. The list of certificates will be displayed according to the Callback handler specified in the configuration file (saws.xml).