Package co.ankatech.ankasecure.sdk.model

Class ExportedKeySpec

Object
ExportedKeySpec
public class ExportedKeySpec extends Object

ExportedKeySpec is a streamlined model representing an exported cryptographic key. It contains metadata (e.g. key type, algorithm, usage counts, timestamps) without exposing the entire internal OpenAPI ExportKey200Response class.

Unlike the OpenAPI model (which uses strings for date/time fields), this class uses ZonedDateTime for fields like createdAt, expiresAt, softLimitExpiration, and lastUsedAt, to avoid manual ISO-8601 parsing. The SDK handles conversion to/from string internally, making usage simpler.

Typically, you obtain an instance of this class by calling sdk.exportKey(kid), which returns an ExportedKeySpec object. The private key is never returned in an export response, so this class does not contain a privateKey field.

Example usage: 


 ExportedKeySpec eks = sdk.exportKey("myKeyId");
 System.out.println("Kid: " + eks.getKid());
 System.out.println("Public key: " + eks.getPublicKey());

Example JSON (produced by an export operation): 


 {
   "modelVersion": "v1.0",
   "kid": "myKeyId",
   "uuid": "6fff1a2d-3a69-49be-bb61-53623e9a6c1c",
   "kty": "RSA",
   "alg": "RSA-2048",
   "publicKey": "BASE64-PUBLIC-KEY",
   "keyOps": ["encrypt", "decrypt"],
   "exportable": true,
   "createdAt": "2025-03-14T18:32:59.570053200Z",
   "expiresAt": "2125-03-14T18:32:59.570053200Z",
   "softLimitExpiration": "2125-03-14T18:32:59.570053200Z",
   "usageCount": 42,
   "lastUsedAt": "2025-03-20T08:00:00Z",
   "softUsageLimit": 10000,
   "maxUsageLimit": 20000,
   "status": "ACTIVE",
   "nextKid": "myRotatedKeyId",
   "previousKid": "myOlderKeyId",
   "hash": "a334bc206cbc52eaabdd958c69f5d99ad7ae86e84f4c..."
 }

  • Constructor Details

    • ExportedKeySpec

      public ExportedKeySpec()
      No-args constructor.

  • Method Details

    • getModelVersion

      public String getModelVersion()
      Gets the model or schema version.
      Returns:
      modelVersion

    • setModelVersion

      public void setModelVersion(String modelVersion)
      Sets the model or schema version for this key representation.
      Parameters:
      modelVersion - the version string (e.g. "v1.0")

    • getKid

      public String getKid()
      Gets the key identifier (kid).
      Returns:
      kid

    • setKid

      public void setKid(String kid)
      Sets the key identifier (kid).
      Parameters:
      kid - a unique key identifier

    • getUuid

      public String getUuid()
      Gets the internal UUID for this key.
      Returns:
      uuid or null if not assigned

    • setUuid

      public void setUuid(String uuid)
      Sets the internal UUID for this key.
      Parameters:
      uuid - a UUID string

    • getKty

      public String getKty()
      Gets the key type (kty).
      Returns:
      kty

    • setKty

      public void setKty(String kty)
      Sets the key type, e.g. "RSA", "EC", "oct", "ML-KEM".
      Parameters:
      kty - the key type

    • getAlg

      public String getAlg()
      Gets the algorithm, e.g. "RSA-2048", "ML-KEM-768", etc.
      Returns:
      the algorithm string

    • setAlg

      public void setAlg(String alg)
      Sets the algorithm, e.g. "RSA-2048", "ML-KEM-512".
      Parameters:
      alg - the algorithm

    • getPublicKey

      public String getPublicKey()
      Gets the public key portion, if applicable.
      Returns:
      the public key in Base64 or PEM, or null

    • setPublicKey

      public void setPublicKey(String publicKey)
      Sets the public key portion, if applicable.
      Parameters:
      publicKey - the public key in Base64 or PEM format

    • getKeyOps

      public List<String> getKeyOps()
      Gets the permitted key operations.
      Returns:
      a list of key operations

    • setKeyOps

      public void setKeyOps(List<String> keyOps)
      Sets the permitted key operations.
      Parameters:
      keyOps - a list of operations, e.g. ["encrypt", "decrypt"]

    • getExportable

      public Boolean getExportable()
      Indicates if this key is exportable from the secure store.
      Returns:
      true if exportable, false otherwise or null if not specified

    • setExportable

      public void setExportable(Boolean exportable)
      Sets whether this key is exportable.
      Parameters:
      exportable - true if exportable, false otherwise

    • getCreatedAt

      public ZonedDateTime getCreatedAt()
      Gets the UTC time when this key was created.
      Returns:
      createdAt or null

    • setCreatedAt

      public void setCreatedAt(ZonedDateTime createdAt)
      Sets the creation time of this key (UTC).
      Parameters:
      createdAt - a ZonedDateTime

    • getExpiresAt

      public ZonedDateTime getExpiresAt()
      Gets the hard expiration time of the key (UTC).
      Returns:
      expiresAt or null if not set

    • setExpiresAt

      public void setExpiresAt(ZonedDateTime expiresAt)
      Sets the hard expiration time of the key (UTC).
      Parameters:
      expiresAt - a ZonedDateTime

    • getSoftLimitExpiration

      public ZonedDateTime getSoftLimitExpiration()
      Gets the soft-limit expiration (UTC).
      Returns:
      softLimitExpiration or null

    • setSoftLimitExpiration

      public void setSoftLimitExpiration(ZonedDateTime softLimitExpiration)
      Sets the soft-limit expiration (UTC). The system may warn or restrict usage after this time.
      Parameters:
      softLimitExpiration - a ZonedDateTime

    • getUsageCount

      public Integer getUsageCount()
      Gets the usage count (how many times this key has been used).
      Returns:
      usageCount or null if not tracked

    • setUsageCount

      public void setUsageCount(Integer usageCount)
      Sets the current usage count for this key.
      Parameters:
      usageCount - an integer for how many times this key was used

    • getLastUsedAt

      public ZonedDateTime getLastUsedAt()
      Gets the last time this key was used (UTC).
      Returns:
      lastUsedAt or null if not tracked

    • setLastUsedAt

      public void setLastUsedAt(ZonedDateTime lastUsedAt)
      Sets the last time this key was used (UTC).
      Parameters:
      lastUsedAt - a ZonedDateTime

    • getSoftUsageLimit

      public Integer getSoftUsageLimit()
      Gets the soft usage limit for this key.
      Returns:
      softUsageLimit or null

    • setSoftUsageLimit

      public void setSoftUsageLimit(Integer softUsageLimit)
      Sets the soft usage limit for this key, used to trigger warnings before reaching the max usage limit.
      Parameters:
      softUsageLimit - an integer or null

    • getMaxUsageLimit

      public Integer getMaxUsageLimit()
      Gets the maximum usage limit for this key. 0 or null = unlimited.
      Returns:
      maxUsageLimit

    • setMaxUsageLimit

      public void setMaxUsageLimit(Integer maxUsageLimit)
      Sets the maximum usage limit for this key. 0 or null = unlimited.
      Parameters:
      maxUsageLimit - an integer or null

    • getStatus

      public String getStatus()
      Gets the current status of the key (e.g. "ACTIVE", "EXPIRED", "REVOKED").
      Returns:
      status or null

    • setStatus

      public void setStatus(String status)
      Sets the current status of this key, e.g. "ACTIVE", "EXPIRED", "REVOKED".
      Parameters:
      status - a string representing the key status

    • getNextKid

      public String getNextKid()
      If this key was rotated to a new key, the new key's kid.
      Returns:
      nextKid

    • setNextKid

      public void setNextKid(String nextKid)
      Sets the next key ID if this key was rotated to a newer key.
      Parameters:
      nextKid - the next key's identifier

    • getPreviousKid

      public String getPreviousKid()
      If this key was rotated from an older key, the old key's kid.
      Returns:
      previousKid

    • setPreviousKid

      public void setPreviousKid(String previousKid)
      Sets the previous key ID if this key was rotated from an older key.
      Parameters:
      previousKid - the older key's identifier

    • getHash

      public String getHash()
      Gets the hash or fingerprint used for integrity checks.
      Returns:
      hash or null if not set

    • setHash

      public void setHash(String hash)
      Sets the hash or fingerprint used for integrity checks.
      Parameters:
      hash - a string representing the key's hash