Class TokenCryptoEngine

  • All Implemented Interfaces:
    CryptoEngine

    public final class TokenCryptoEngine
    extends java.lang.Object
    implements CryptoEngine
    Token implementation of the CryptoEngine. The keys are persisted in the provided storage.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static io.token.security.crypto.CryptoType DEFAULT_CRYPTO_TYPE  
    • Constructor Summary

      Constructors 
      Constructor Description
      TokenCryptoEngine​(java.lang.String memberId, KeyStore keyStore)
      Creates an instance of a crypto engine for the default crypto type (EDDSA).
      TokenCryptoEngine​(java.lang.String memberId, KeyStore keyStore, io.token.security.crypto.CryptoType cryptoType)
      Creates an instance.
    • Method Summary

      Modifier and Type Method Description
      io.token.security.Signer createSigner​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel)
      Creates a new signer that uses a key of specified level.
      Note that if there are several keys of the same level, a random one is used to create the signer.
      io.token.security.Signer createSigner​(java.lang.String keyId)
      Creates a new signer using a key with a specified id.
      io.token.security.Verifier createVerifier​(java.lang.String keyId)
      Creates a verifier that checks payload signatures using the key with the specified id.
      void deleteKeys()
      Deletes all the keys of this CryptoEngine.
      io.token.proto.common.security.SecurityProtos.Key generateKey​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel)
      Generates keys of the specified level.
      io.token.proto.common.security.SecurityProtos.Key generateKey​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel, long expiresAtMs)
      Generates a key of the specified level with the provided expiration date.
      java.util.List<io.token.proto.common.security.SecurityProtos.Key> getPublicKeys()
      Returns public keys that the CryptoEngine can use to sign.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • DEFAULT_CRYPTO_TYPE

        public static final io.token.security.crypto.CryptoType DEFAULT_CRYPTO_TYPE
    • Constructor Detail

      • TokenCryptoEngine

        public TokenCryptoEngine​(java.lang.String memberId,
                                 KeyStore keyStore)
        Creates an instance of a crypto engine for the default crypto type (EDDSA).
        Parameters:
        memberId - member ID
        keyStore - key store
      • TokenCryptoEngine

        public TokenCryptoEngine​(java.lang.String memberId,
                                 KeyStore keyStore,
                                 io.token.security.crypto.CryptoType cryptoType)
        Creates an instance.
        Parameters:
        memberId - member ID
        keyStore - key store
        cryptoType - crypto type
    • Method Detail

      • generateKey

        public io.token.proto.common.security.SecurityProtos.Key generateKey​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel)
        Description copied from interface: CryptoEngine
        Generates keys of the specified level. If a key with the specified level already exists, it is replaced. The old key is still kept because it may be needed for signature verification later.
        Specified by:
        generateKey in interface CryptoEngine
        Parameters:
        keyLevel - key privilege level
        Returns:
        newly generated key information
      • generateKey

        public io.token.proto.common.security.SecurityProtos.Key generateKey​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel,
                                                                             long expiresAtMs)
        Description copied from interface: CryptoEngine
        Generates a key of the specified level with the provided expiration date. If a key with the specified level already exists, both keys are maintained in the crypto engine.
        Specified by:
        generateKey in interface CryptoEngine
        Parameters:
        keyLevel - key privilege level
        expiresAtMs - expiration date in milliseconds
        Returns:
        newly generated key information
      • createSigner

        public io.token.security.Signer createSigner​(io.token.proto.common.security.SecurityProtos.Key.Level keyLevel)
        Description copied from interface: CryptoEngine
        Creates a new signer that uses a key of specified level.
        Note that if there are several keys of the same level, a random one is used to create the signer. If you need a signer for a specific key, create it using the key id.
        Specified by:
        createSigner in interface CryptoEngine
        Parameters:
        keyLevel - level of the key to use
        Returns:
        signer that is used to generate digital signatures
      • createSigner

        public io.token.security.Signer createSigner​(java.lang.String keyId)
        Description copied from interface: CryptoEngine
        Creates a new signer using a key with a specified id.
        Specified by:
        createSigner in interface CryptoEngine
        Parameters:
        keyId - key id
        Returns:
        signer that is used to generate digital signatures
      • createVerifier

        public io.token.security.Verifier createVerifier​(java.lang.String keyId)
        Description copied from interface: CryptoEngine
        Creates a verifier that checks payload signatures using the key with the specified id.
        Specified by:
        createVerifier in interface CryptoEngine
        Parameters:
        keyId - key id
        Returns:
        signature verifier
      • getPublicKeys

        public java.util.List<io.token.proto.common.security.SecurityProtos.Key> getPublicKeys()
        Description copied from interface: CryptoEngine
        Returns public keys that the CryptoEngine can use to sign.
        Specified by:
        getPublicKeys in interface CryptoEngine
        Returns:
        list of public keys
      • deleteKeys

        public void deleteKeys()
        Description copied from interface: CryptoEngine
        Deletes all the keys of this CryptoEngine.
        Specified by:
        deleteKeys in interface CryptoEngine
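
The rotation behaviour documented for generateKey, createSigner and createVerifier, as an added usage sketch that is not part of the SDK documentation. Assumptions not taken from this page: the `io.token.security` package for `TokenCryptoEngine`, the `InMemoryKeyStore` class, `Signer.sign(String)`, `Verifier.verify(String, String)` throwing on a bad signature, `expiresAtMs` being epoch milliseconds, and the constructed member id and payload.

```java
import io.token.proto.common.security.SecurityProtos.Key;
import io.token.security.InMemoryKeyStore;   // assumed KeyStore implementation
import io.token.security.Signer;
import io.token.security.TokenCryptoEngine;  // package assumed; not stated on the page
import io.token.security.Verifier;

public class KeyRotationExample {
    public static void main(String[] args) {
        // Constructed member id; keys live only in memory for this sketch.
        TokenCryptoEngine engine =
                new TokenCryptoEngine("m:constructed-member-id", new InMemoryKeyStore());

        // Generate a LOW key and pin the signer to its id, not its level.
        Key first = engine.generateKey(Key.Level.LOW);
        Signer signer = engine.createSigner(first.getId());
        String payload = "constructed payload";
        String signature = signer.sign(payload);         // assumed method

        // Rotate: generateKey(level) replaces the key for that level,
        // but the old key is kept for later signature verification.
        Key second = engine.generateKey(Key.Level.LOW);

        // A signature made before rotation must be checked with a verifier
        // looked up by the id of the key that produced it.
        Verifier oldVerifier = engine.createVerifier(first.getId());
        oldVerifier.verify(payload, signature);           // assumed to throw on mismatch

        // generateKey(level, expiresAtMs) keeps the existing same-level key too,
        // so two LOW keys are now maintained side by side.
        long expiresAtMs = System.currentTimeMillis() + 60_000L;
        Key shortLived = engine.generateKey(Key.Level.LOW, expiresAtMs);

        // createSigner(Key.Level.LOW) would now pick one of them at random.
        // Record the key id with every signature and create signers by id
        // whenever the verifier has to know which key was used.
        Signer pinned = engine.createSigner(second.getId());
        String pinnedSignature = pinned.sign(payload);
        engine.createVerifier(second.getId()).verify(payload, pinnedSignature);

        // List what the engine reports, then wipe the key material.
        for (Key key : engine.getPublicKeys()) {
            System.out.println(key.getId() + " " + key.getLevel()
                    + " expiresAtMs=" + key.getExpiresAtMs());
        }
        System.out.println("short-lived key id: " + shortLived.getId());
        engine.deleteKeys();
    }
}
```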