Class TokenCryptoEngine

  • All Implemented Interfaces:
    CryptoEngine

    public final class TokenCryptoEngine
    extends java.lang.Object
    implements CryptoEngine
    Token implementation of the CryptoEngine. The keys are persisted in the provided storage.
    • Constructor Summary

      Constructors 
      Constructor Description
      TokenCryptoEngine​(java.lang.String memberId, KeyStore keyStore)
      Creates an instance.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      io.token.security.Signer createSigner​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel)
      Creates a new signer that uses a key of specified level.
      Note, that if there are several same-level keys, a random one is used to create a signer.
      io.token.security.Signer createSigner​(java.lang.String keyId)
      Creates a new signer using a key with a specified id.
      io.token.security.Verifier createVerifier​(java.lang.String keyId)
      Verifies the payload signature.
      void deleteKeys()
      Deletes all the keys of this CryptoEngine.
      io.token.proto.common.security.SecurityProtos.Key generateKey​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel)
      Generates keys of the specified level.
      io.token.proto.common.security.SecurityProtos.Key generateKey​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel, long expiresAtMs)
      Generates a key of the specified level with the provided expiration date.
      java.util.List<io.token.proto.common.security.SecurityProtos.Key> getPublicKeys()
      Returns public keys that the CryptoEngine can use to sign.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • TokenCryptoEngine

        public TokenCryptoEngine​(java.lang.String memberId,
                                 KeyStore keyStore)
        Creates an instance.
        Parameters:
        memberId - member ID
        keyStore - key store
    • Method Detail

      • generateKey

        public io.token.proto.common.security.SecurityProtos.Key generateKey​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel)
        Description copied from interface: CryptoEngine
        Generates keys of the specified level. If the key with the specified level already exists, it is replaced. Old key is still kept around because it could be used for signature verification later.
        Specified by:
        generateKey in interface CryptoEngine
        Parameters:
        keyLevel - key privilege level
        Returns:
        newly generated key information
      • generateKey

        public io.token.proto.common.security.SecurityProtos.Key generateKey​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel,
                                                                             long expiresAtMs)
        Description copied from interface: CryptoEngine
        Generates a key of the specified level with the provided expiration date. If the key with the specified level already exists, they both are maintained in the crypto engine.
        Specified by:
        generateKey in interface CryptoEngine
        Parameters:
        keyLevel - key privilege level
        expiresAtMs - expiration date in milliseconds
        Returns:
        newly generated key information
      • createSigner

        public io.token.security.Signer createSigner​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel)
        Description copied from interface: CryptoEngine
        Creates a new signer that uses a key of specified level.
        Note, that if there are several same-level keys, a random one is used to create a signer. If you need to create a signer for a specific key, create a signer using the key id.
        Specified by:
        createSigner in interface CryptoEngine
        Parameters:
        keyLevel - level of the key to use
        Returns:
        signer that is used to generate digital signatures
      • createSigner

        public io.token.security.Signer createSigner​(java.lang.String keyId)
        Description copied from interface: CryptoEngine
        Creates a new signer using a key with a specified id.
        Specified by:
        createSigner in interface CryptoEngine
        Parameters:
        keyId - key id
        Returns:
        signer that is used to generate digital signatures
      • createVerifier

        public io.token.security.Verifier createVerifier​(java.lang.String keyId)
        Description copied from interface: CryptoEngine
        Verifies the payload signature.
        Specified by:
        createVerifier in interface CryptoEngine
        Parameters:
        keyId - key id
        Returns:
        signature verifier
      • getPublicKeys

        public java.util.List<io.token.proto.common.security.SecurityProtos.Key> getPublicKeys()
        Description copied from interface: CryptoEngine
        Returns public keys that the CryptoEngine can use to sign.
        Specified by:
        getPublicKeys in interface CryptoEngine
        Returns:
        list of public keys
      • deleteKeys

        public void deleteKeys()
        Description copied from interface: CryptoEngine
        Deletes all the keys of this CryptoEngine.
        Specified by:
        deleteKeys in interface CryptoEngine