new GroupManager(prefix, dataType, database, keySize, freshnessHours, keyChain)
A GroupManager manages keys and schedules for group members in a particular
namespace.
Create a group manager with the given values. The group manager namespace
is /read/ .
Parameters:
Name | Type | Description |
---|---|---|
prefix | Name | The prefix for the group manager namespace. |
dataType | Name | The data type for the group manager namespace. |
database | GroupManagerDb | The GroupManagerDb for storing the group management information (including user public keys and schedules). |
keySize | number | The group key will be an RSA key with keySize bits. |
freshnessHours | number | The number of hours of the freshness period of data packets carrying the keys. |
keyChain | KeyChain | The KeyChain to use for signing data packets. This signs with the default identity. |
Methods
(static) memberKeysAdd_()
Add entry to memberKeys, sorted by entry.keyName. If there is already an
entry with keyName, then don't add.
addEKeyPromise_(eKeyName, publicKey, privateKey, useSync) → {Promise|SyncPromise}
Add the EKey with name eKeyName to the database.
Parameters:
Name | Type | Description |
---|---|---|
eKeyName | Name | The name of the EKey. This copies the Name. |
publicKey | Blob | The encoded public Key of the group key pair. |
privateKey | Blob | The encoded private Key of the group key pair. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the EKey is added,
or that is rejected with GroupManagerDb.Error if a key with name eKeyName
already exists in the database, or other database error.
- Type
- Promise | SyncPromise
addMemberPromise(scheduleName, memberCertificate, useSync) → {Promise|SyncPromise}
Add a new member with the given memberCertificate into a schedule named
scheduleName. If cert is an IdentityCertificate made from memberCertificate,
then the member's identity name is cert.getPublicKeyName().getPrefix(-1).
Parameters:
Name | Type | Description |
---|---|---|
scheduleName | string | The schedule name. |
memberCertificate | Data | The member's certificate. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the member is
added, or that is rejected with GroupManagerDb.Error if there's no schedule
named scheduleName, if the member's identity name already exists, or other
database error. Or a promise that is rejected with DerDecodingException for
an error decoding memberCertificate as a certificate.
- Type
- Promise | SyncPromise
addSchedulePromise(scheduleName, schedule, useSync) → {Promise|SyncPromise}
Add a schedule with the given scheduleName.
Parameters:
Name | Type | Description |
---|---|---|
scheduleName | string | The name of the schedule. The name cannot be empty. |
schedule | Schedule | The Schedule to add. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the schedule is
added, or that is rejected with GroupManagerDb.Error if a schedule with the
same name already exists, if the name is empty, or other database error.
- Type
- Promise | SyncPromise
calculateIntervalPromise_(timeSlot, memberKeys, useSync) → {Promise|SyncPromise}
Calculate an Interval that covers the timeSlot.
Parameters:
Name | Type | Description |
---|---|---|
timeSlot | number | The time slot to cover as milliseconds since Jan 1, 1970 UTC. |
memberKeys | Array.<object> | First clear memberKeys then fill it with the info of members who are allowed to access the interval. memberKeys is an array of objects where "keyName" is the Name of the public key and "publicKey" is the Blob of the public key DER. The memberKeys entries are sorted by the entry keyName. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that returns a new Interval covering
the time slot, or that is rejected with GroupManagerDb.Error for a database
error.
- Type
- Promise | SyncPromise
cleanEKeysPromise(useSync) → {Promise|SyncPromise}
Delete all the EKeys in the database. The database will keep growing because
EKeys will keep being added, so this method should be called periodically.
Parameters:
Name | Type | Description |
---|---|---|
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the EKeys are
deleted, or that is rejected with GroupManagerDb.Error for a database error.
- Type
- Promise | SyncPromise
createDKeyDataPromise_(startTimeStamp, endTimeStamp, keyName, privateKeyBlob, certificateKey, useSync) → {Promise|SyncPromise}
Create a D-KEY Data packet with an EncryptedContent for the given private
key, encrypted with the certificate key.
Parameters:
Name | Type | Description |
---|---|---|
startTimeStamp | string | The start time stamp string to put in the name. |
endTimeStamp | string | The end time stamp string to put in the name. |
keyName | Name | The key name to put in the data packet name and the EncryptedContent key locator. |
privateKeyBlob | Blob | A Blob of the encoded private key. |
certificateKey | Blob | The certificate key encoding, used to encrypt the private key. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that returns the Data packet, or that
is rejected with SecurityException for an error using the security KeyChain.
- Type
- Promise | SyncPromise
createEKeyDataPromise_(startTimeStamp, endTimeStamp, publicKeyBlob, useSync) → {Promise|SyncPromise}
Create an E-KEY Data packet for the given public key.
Parameters:
Name | Type | Description |
---|---|---|
startTimeStamp | string | The start time stamp string to put in the name. |
endTimeStamp | string | The end time stamp string to put in the name. |
publicKeyBlob | Blob | A Blob of the public key DER. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Throws:
SecurityException for an error using the security KeyChain.
Returns:
- The Data packet.
- A promise that returns the Data packet, or that is rejected with SecurityException for an error using the security KeyChain.
- Type
- Promise | SyncPromise
deleteEKeyPromise_(eKeyName, useSync) → {Promise|SyncPromise}
Delete the EKey with name eKeyName from the database. If no key with the
name exists in the database, do nothing.
Parameters:
Name | Type | Description |
---|---|---|
eKeyName | Name | The name of the EKey. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the EKey is
deleted (or there is no such key), or that is rejected with
GroupManagerDb.Error for a database error.
- Type
- Promise | SyncPromise
deleteSchedulePromise(scheduleName, useSync) → {Promise|SyncPromise}
Delete the schedule with the given scheduleName. Also delete members which
use this schedule. If there is no schedule with the name, then do nothing.
Parameters:
Name | Type | Description |
---|---|---|
scheduleName | string | The name of the schedule. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the schedule is
deleted (or there is no such schedule), or that is rejected with
GroupManagerDb.Error for a database error.
- Type
- Promise | SyncPromise
generateKeyPairPromise_(useSync) → {Promise|SyncPromise}
Generate an RSA key pair according to keySize_.
Parameters:
Name | Type | Description |
---|---|---|
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that returns an object where
"privateKeyBlob" is the encoding Blob of the private key and "publicKeyBlob"
is the encoding Blob of the public key.
- Type
- Promise | SyncPromise
getEKeyPromise_(eKeyName, useSync) → {Promise|SyncPromise}
Get the group key pair with the name eKeyName from the database.
Parameters:
Name | Type | Description |
---|---|---|
eKeyName | Name | The name of the EKey. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that returns an object (where
"publicKey" is the public key Blob and "privateKey" is the private key Blob),
or that is rejected with GroupManagerDb.Error for a database error.
- Type
- Promise | SyncPromise
getGroupKeyPromise(timeSlot, needRegenerate, useSync) → {Promise|SyncPromise}
Create a group key for the interval into which timeSlot falls. This creates
a group key if it doesn't exist, and encrypts the key using the public key of
each eligible member.
Parameters:
Name | Type | Description |
---|---|---|
timeSlot | number | The time slot to cover as milliseconds since Jan 1, 1970 UTC. |
needRegenerate | boolean | (optional) needRegenerate should be true if this is the first time this method is called, or a member was removed. needRegenerate can be false if this is not the first time this method is called, or a member was added. If omitted, use true. If useSync is specified, then needRegenerate must also be specified (since this can't disambiguate two optional boolean parameters). |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. If useSync is specified, then needRegenerate must also be specified (since this can't disambiguate two optional boolean parameters). |
Returns:
A promise that returns a List of Data packets
(where the first is the E-KEY data packet with the group's public key and the
rest are the D-KEY data packets with the group's private key encrypted with
the public key of each eligible member), or that is rejected with
GroupManagerDb.Error for a database error or SecurityException for an error
using the security KeyChain.
- Type
- Promise | SyncPromise
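The needRegenerate rule above matters for revocation: a removed member already holds the group private key from an earlier D-KEY, so reusing the key pair leaves that member able to read new content. The Node.js sketch below is an added example, not ndn-js code; it models the E-KEY/D-KEY flow with `node:crypto`, and the helper names, the member key names and the AES-256-GCM plus RSA-OAEP wrapping are assumptions chosen for illustration.

```javascript
// Added example: simplified model of the E-KEY/D-KEY flow, not ndn-js code.
const crypto = require('node:crypto');
const OAEP = { oaepHash: 'sha256' };
const pub = (der) => crypto.createPublicKey({ key: der, format: 'der', type: 'spki' });
const priv = (der) => crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
const rsaPair = (bits) => crypto.generateKeyPairSync('rsa', { modulusLength: bits,
  publicKeyEncoding: { type: 'spki', format: 'der' },
  privateKeyEncoding: { type: 'pkcs8', format: 'der' } });
// D-KEY: the group private key wrapped for one member (AES-256-GCM key under RSA-OAEP).
function createDKey(keyName, groupPrivateDer, memberPublicDer) {
  const aesKey = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const body = Buffer.concat([c.update(groupPrivateDer), c.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: pub(memberPublicDer), ...OAEP }, aesKey);
  return { keyName, iv, body, tag: c.getAuthTag(), wrappedKey };
}
function openDKey(dKey, memberPrivateDer) {
  const aesKey = crypto.privateDecrypt({ key: priv(memberPrivateDer), ...OAEP }, dKey.wrappedKey);
  const d = crypto.createDecipheriv('aes-256-gcm', aesKey, dKey.iv);
  d.setAuthTag(dKey.tag);
  return Buffer.concat([d.update(dKey.body), d.final()]);
}
// Model of getGroupKeyPromise: returns [E-KEY, one D-KEY per eligible member].
function getGroupKey(state, needRegenerate = true) {
  if (needRegenerate || !state.eKey) state.eKey = rsaPair(state.keySize);
  const names = [...state.members.keys()].sort(); // entries sorted by keyName
  return [{ publicKey: state.eKey.publicKey }, ...names.map((n) =>
    createDKey(n, state.eKey.privateKey, state.members.get(n)))];
}
// Can the holder of privateDer read something encrypted to this E-KEY?
function canRead(eKey, privateDer) {
  const ct = crypto.publicEncrypt({ key: pub(eKey.publicKey), ...OAEP }, Buffer.from('ck'));
  try { return crypto.privateDecrypt({ key: priv(privateDer), ...OAEP }, ct).toString() === 'ck'; }
  catch { return false; }
}
function demo() {
  const alice = rsaPair(2048), bob = rsaPair(2048); // constructed member keys
  const state = { keySize: 2048, eKey: null, members: new Map(
    [['/bob/ksk-1', bob.publicKey], ['/alice/ksk-1', alice.publicKey]]) };
  const bobCopy = openDKey(getGroupKey(state, true)[2], bob.privateKey);
  state.members.delete('/bob/ksk-1'); // member removed
  const reused = getGroupKey(state, false), rotated = getGroupKey(state, true);
  return {
    dKeysAfterRemoval: reused.length - 1,
    removedReadsReused: canRead(reused[0], bobCopy),
    removedReadsRotated: canRead(rotated[0], bobCopy),
    aliceReadsRotated: canRead(rotated[0], openDKey(rotated[1], alice.privateKey)),
  };
}
```

In the result of `demo()`, the removed member gets no new D-KEY either way; only regenerating the key pair stops the copy they already hold from working.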
removeMemberPromise(identity, useSync) → {Promise|SyncPromise}
Remove a member with the given identity name. If there is no member with
the identity name, then do nothing.
Parameters:
Name | Type | Description |
---|---|---|
identity | Name | The member's identity name. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the member is
removed (or there is no such member), or that is rejected with
GroupManagerDb.Error for a database error.
- Type
- Promise | SyncPromise
updateMemberSchedulePromise(identity, scheduleName, useSync) → {Promise|SyncPromise}
Change the name of the schedule for the given member's identity name.
Parameters:
Name | Type | Description |
---|---|---|
identity | Name | The member's identity name. |
scheduleName | string | The new schedule name. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the member is
updated, or that is rejected with GroupManagerDb.Error if there's no member
with the given identity name in the database, or there's no schedule named
scheduleName.
- Type
- Promise | SyncPromise
updateSchedulePromise(scheduleName, schedule, useSync) → {Promise|SyncPromise}
Update the schedule named scheduleName, replacing the old object with the
given schedule. If no schedule with that name exists, a new schedule with
the name and the given schedule is added to the database.
Parameters:
Name | Type | Description |
---|---|---|
scheduleName | string | The name of the schedule. The name cannot be empty. |
schedule | Schedule | The Schedule to update or add. |
useSync | boolean | (optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise. |
Returns:
A promise that fulfills when the schedule is
updated, or that is rejected with GroupManagerDb.Error if the name is empty,
or other database error.
- Type
- Promise | SyncPromise