01: /*
02: * <copyright>
03: *
04: * Copyright 1997-2004 Networks Associates Technology, Inc
05: * under sponsorship of the Defense Advanced Research Projects
06: * Agency (DARPA).
07: *
08: * You can redistribute this software and/or modify it under the
09: * terms of the Cougaar Open Source License as published on the
10: * Cougaar Open Source Website (www.cougaar.org).
11: *
12: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
13: * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
14: * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
15: * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
16: * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
17: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
18: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
22: * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23: *
24: * </copyright>
25: *
26: * CHANGE RECORD
27: * -
28: */
29:
30: package org.cougaar.core.service;
31:
32: import java.io.IOException;
33:
34: /**
35: * Implementations of this interface contain a secret key used to
36: * encrypt/decrypt persisted data. The getOutputStream method of the
37: * PersistenceProtectionService places the (encrypted) key used for
38: * encrypting the output stream in the envelope. The getInputStream
39: * method, retrieves the key from the envelope to decrypt the input
40: * stream. In addition, the PersistenceProtectionServiceClient has an
41: * iterator method that returns an iterator over a collection of
42: * PersistedKeyEnvelopes. When the PersistenceProtectionService
43: * iterates over the keys, it uses the getPersistedKey() method to
44: * retrieve the key. The PersistenceProtectionService can re-encrypt
45: * the key if it wishes, and call setPersistedKey() to notify the
46: * service client that it should persist the new key.
47: */
48: public interface DataProtectionKeyEnvelope {
49: /**
50: * Returns the persisted key in this envelope.
51: */
52: DataProtectionKey getDataProtectionKey() throws IOException;
53:
54: /**
55: * Saves an updated key to persisted storage.
56: */
57: void setDataProtectionKey(DataProtectionKey pk) throws IOException;
58: }
|