JSDoc: Class: GroupManager

new GroupManager(prefix, dataType, database, keySize, freshnessHours, keyChain)

A GroupManager manages keys and schedules for group members in a particular namespace. Create a group manager with the given values. The group manager namespace is /read/ .

Parameters:

Name	Type	Description
`prefix`	Name	The prefix for the group manager namespace.
`dataType`	Name	The data type for the group manager namespace.
`database`	GroupManagerDb	The GroupManagerDb for storing the group management information (including user public keys and schedules).
`keySize`	number	The group key will be an RSA key with keySize bits.
`freshnessHours`	number	The number of hours of the freshness period of data packets carrying the keys.
`keyChain`	KeyChain	The KeyChain to use for signing data packets. This signs with the default identity.

Source:

encrypt/group-manager.js, line 52

Methods

(static) memberKeysAdd_()

Add entry to memberKeys, sorted by entry.keyName. If there is already an entry with keyName, then don't add.

Source:

encrypt/group-manager.js, line 352

addMemberPromise(scheduleName, memberCertificate, useSync) → {Promise|SyncPromise}

Add a new member with the given memberCertificate into a schedule named scheduleName. If cert is an IdentityCertificate made from memberCertificate, then the member's identity name is cert.getPublicKeyName().getPrefix(-1).

Parameters:

Name	Type	Description
`scheduleName`	string	The schedule name.
`memberCertificate`	Data	The member's certificate.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 216

Returns:

A promise that fulfills when the member is added, or that is rejected with GroupManagerDb.Error if there's no schedule named scheduleName, if the member's identity name already exists, or other database error. Or a promise that is rejected with DerDecodingException for an error decoding memberCertificate as a certificate.

Type: Promise | SyncPromise

addSchedulePromise(scheduleName, schedule, useSync) → {Promise|SyncPromise}

Add a schedule with the given scheduleName.

Parameters:

Name	Type	Description
`scheduleName`	string	The name of the schedule. The name cannot be empty.
`schedule`	Schedule	The Schedule to add.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 159

Returns:

A promise that fulfills when the schedule is added, or that is rejected with GroupManagerDb.Error if a schedule with the same name already exists, if the name is empty, or other database error.

Type: Promise | SyncPromise

calculateIntervalPromise_(timeSlot, memberKeys, useSync) → {Promise|SyncPromise}

Calculate an Interval that covers the timeSlot.

Parameters:

Name	Type	Description
`timeSlot`	number	The time slot to cover as milliseconds since Jan 1, 1970 UTC.
`memberKeys`	Array.<object>	First clear memberKeys then fill it with the info of members who are allowed to access the interval. memberKeys is an array of object where "keyName" is the Name of the public key and "publicKey" is the Blob of the public key DER. The memberKeys entries are sorted by the entry keyName.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 276

Returns:

A promise that returns a new nterval covering the time slot, or that is rejected with GroupManagerDb.Error for a database error.

Type: Promise | SyncPromise

createDKeyDataPromise_(startTimeStamp, endTimeStamp, keyName, privateKeyBlob, certificateKey, useSync) → {Promise|SyncPromise}

Create a D-KEY Data packet with an EncryptedContent for the given private key, encrypted with the certificate key.

Parameters:

Name	Type	Description
`startTimeStamp`	string	The start time stamp string to put in the name.
`endTimeStamp`	string	The end time stamp string to put in the name.
`keyName`	Name	The key name to put in the data packet name and the EncryptedContent key locator.
`privateKeyBlob`	Blob	A Blob of the encoded private key.
`certificateKey`	Blob	The certificate key encoding, used to encrypt the private key.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 439

Returns:

A promise that returns the Data packet, or that is rejected with SecurityException for an error using the security KeyChain.

Type: Promise | SyncPromise

createEKeyDataPromise_(startTimeStamp, endTimeStamp, publicKeyBlob, useSync) → {Promise|SyncPromise}

Create an E-KEY Data packet for the given public key.

Parameters:

Name	Type	Description
`startTimeStamp`	string	The start time stamp string to put in the name.
`endTimeStamp`	string	The end time stamp string to put in the name.
`publicKeyBlob`	Blob	A Blob of the public key DER.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 408

Throws:

SecurityException for an error using the security KeyChain.

Returns:

The Data packet.
A promise that returns the Data packet, or that is rejected with SecurityException for an error using the security KeyChain.

Type

Promise | SyncPromise

deleteSchedulePromise(scheduleName, useSync) → {Promise|SyncPromise}

Delete the schedule with the given scheduleName. Also delete members which use this schedule. If there is no schedule with the name, then do nothing.

Parameters:

Name	Type	Description
`scheduleName`	string	The name of the schedule.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 176

Returns:

A promise that fulfills when the schedule is deleted (or there is no such schedule), or that is rejected with GroupManagerDb.Error for a database error.

Type: Promise | SyncPromise

generateKeyPairPromise_(useSync) → {Promise|SyncPromise}

Generate an RSA key pair according to keySize_.

Parameters:

Name	Type	Description
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 380

Returns:

A promise that returns an object where "privateKeyBlob" is the encoding Blob of the private key and "publicKeyBlob" is the encoding Blob of the public key.

Type: Promise | SyncPromise

getGroupKeyPromise(timeSlot, useSync) → {Promise|SyncPromise}

Create a group key for the interval into which timeSlot falls. This creates a group key if it doesn't exist, and encrypts the key using the public key of each eligible member.

Parameters:

Name	Type	Description
`timeSlot`	number	The time slot to cover as milliseconds since Jan 1, 1970 UTC.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 82

Returns:

A promise that returns a List of Data packets (where the first is the E-KEY data packet with the group's public key and the rest are the D-KEY data packets with the group's private key encrypted with the public key of each eligible member), or that is rejected with GroupManagerDb.Error for a database error or SecurityException for an error using the security KeyChain.

Type: Promise | SyncPromise

removeMemberPromise(identity, useSync) → {Promise|SyncPromise}

Remove a member with the given identity name. If there is no member with the identity name, then do nothing.

Parameters:

Name	Type	Description
`identity`	Name	The member's identity name.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 236

Returns:

A promise that fulfills when the member is removed (or there is no such member), or that is rejected with GroupManagerDb.Error for a database error.

Type: Promise | SyncPromise

updateMemberSchedulePromise(identity, scheduleName, useSync) → {Promise|SyncPromise}

Change the name of the schedule for the given member's identity name.

Parameters:

Name	Type	Description
`identity`	Name	The member's identity name.
`scheduleName`	string	The new schedule name.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 253

Returns:

A promise that fulfills when the member is updated, or that is rejected with GroupManagerDb.Error if there's no member with the given identity name in the database, or there's no schedule named scheduleName.

Type: Promise | SyncPromise

updateSchedulePromise(scheduleName, schedule, useSync) → {Promise|SyncPromise}

Update the schedule with scheduleName and replace the old object with the given schedule. Otherwise, if no schedule with name exists, a new schedule with name and the given schedule will be added to database.

Parameters:

Name	Type	Description
`scheduleName`	string	The name of the schedule. The name cannot be empty.
`schedule`	Schedule	The Schedule to update or add.
`useSync`	boolean	(optional) If true then return a SyncPromise which is already fulfilled. If omitted or false, this may return a SyncPromise or an async Promise.

Source:

encrypt/group-manager.js, line 195

Returns:

A promise that fulfills when the schedule is updated, or that is rejected with GroupManagerDb.Error if the name is empty, or other database error.

Type: Promise | SyncPromise