The SecurityManagerBase Class
Table 4–7 lists the methods belonging to the SecurityManagerBase class. This abstract class serves as a base for implementations of the The SecurityManager Class.
Table 4–7 Class com.sun.mep.client.api.SecurityManagerBase|
Method |
Description |
|---|---|
|
public final byte[] computeKey(java.lang.String pin) |
Computes an encryption key from the specified pin. This method takes an arbitrary-length clear-text pin entered by the user and creates a fixed-length digest suitable for use by the encrypt and decrypt methods. |
|
public static final byte[] computeMD5Digest(byte[] dataBytes) |
Computes an MD5 hash of the specified byte[]. |
|
public static final byte[] computeMD5Digest(java.lang.String data) |
Computes an MD5 hash of the specified string. |
|
public final byte[] decrypt(byte[] cipherText) |
Callback handler to perform decryption of data on device. The MEP runtime will invoke this method whenever it is necessary to decrypt data. |
|
public final byte[] encrypt(byte[] plainText) |
Callback handler to perform encryption of data on device. The MEP runtime will invoke this method whenever it is necessary to encrypt data. |
|
public final byte[] getKey() |
Returns the value of the key. |
|
public final boolean isPinSet() |
Returns true if the user has never logged into the application. Use this method to determine when the credentials need to be stored on the device. |
|
public void setKey(byte[] key) |
Set the key on the SecurityManager so it can be used during callbacks to encrypt and decrypt data on the device. |
|
public final void storeCredentials(java.lang.String secret) |
Persists derivatives of the pin/key and the supplied secret on the device. These derivatives are used upon subsequent logins to validate the pin. The secret can be any non-null, non-zero length alphanumeric string. Typically, the application developer would prompt the user to enter a random sequence of key presses on the device and pass that value into this method. This is a single-use value, so the user does not need to remember it. This method should only be called once, when the user needs to set their pin number (that is, if isFirstLogin() returns true). |
|
public final boolean validatePin(java.lang.String pin) |
Determines if the pin is able to recompute the derivatives stored on the device in storeCredentials(byte[], String). If so, it returns true, else it returns false. This method also keeps track of how many times it has been invoked. If it exceeds the maximum number of allowed attempts (getMaxValidationAttempts()), then a SecurityException is thrown, unless getMaxValidationAttempts() returns 0. |
- © 2010, Oracle Corporation and/or its affiliates