Package co.ankatech.ankasecure.sdk.model
Class ImportKeySpec
Object
ImportKeySpec
ImportKeySpec is a streamlined model for clients to import an
existing cryptographic key (public or private material, or both),
without exposing the entire internal OpenAPI KeyImportRequest
class. This helps maintain decoupling and a simpler public API surface.
This class includes the minimal fields required for importing a key,
such as kid, kty, alg, publicKey, privateKey, keyOps, etc.
Expiration fields (expiresAt and softLimitExpiration)
are represented as ZonedDateTime objects, avoiding the need
for manual ISO-8601 formatting. The SDK will handle serialization
when calling the underlying service.
Example usage:
ImportKeySpec spec = new ImportKeySpec();
spec.setKid("myImportedKey");
spec.setKty("RSA");
spec.setAlg("RSA-2048");
spec.setPublicKey("BASE64-OR-PEM-PUBLIC");
// Optionally, set privateKey if you have it
spec.setPrivateKey("BASE64-OR-PEM-PRIVATE");
// Timestamps as ZonedDateTime for absolute expiration
spec.setExpiresAt(ZonedDateTime.parse("2030-06-30T23:59:59Z"));
spec.setSoftLimitExpiration(ZonedDateTime.parse("2029-12-31T23:59:59Z"));
// Usage limits, if needed
spec.setMaxUsageLimit(50000);
spec.setSoftUsageLimit(40000);
mySdk.importKey(spec);
Example JSON (if this object were serialized directly):
{
"modelVersion": "v1.0",
"kid": "myImportedKey",
"kty": "RSA",
"alg": "RSA-2048",
"publicKey": "BASE64-OR-PEM-PUBLIC",
"privateKey": "BASE64-OR-PEM-PRIVATE",
"keyOps": ["encrypt","decrypt","sign","verify"],
"exportable": true,
"expiresAt": "2030-06-30T23:59:59Z",
"softLimitExpiration": "2029-12-31T23:59:59Z",
"maxUsageLimit": 50000,
"softUsageLimit": 40000
}
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptiongetAlg()Gets the algorithm name.Gets the absolute expiration date/time in UTC.Indicates if this key is exportable from the secure store.Gets the permitted key operations.getKid()Gets the key identifier (kid).getKty()Gets the key type (kty).Gets the maximum usage limit for this key. 0 or null = unlimited.Gets the modelVersion if any was provided (e.g., "v1.0").Gets the private key content (Base64 or PEM).Gets the public key content (Base64 or PEM).Gets the soft-limit expiration date/time in UTC.Gets the soft usage limit, which triggers warnings before reachingmaxUsageLimit.voidSets the algorithm name, e.g.voidsetExpiresAt(ZonedDateTime expiresAt) Sets the absolute expiration date/time in UTC.voidsetExportable(Boolean exportable) Sets whether this key is exportable.voidSets a list of permitted operations on this key, e.g.voidSets the key identifier (kid).voidSets the key type, e.g.voidsetMaxUsageLimit(Integer maxUsageLimit) Sets the maximum usage limit for this key. 0 or null = unlimited.voidsetModelVersion(String modelVersion) Sets the modelVersion if provided.voidsetPrivateKey(String privateKey) Sets the private key (Base64 or PEM).voidsetPublicKey(String publicKey) Sets the public key content (Base64 or PEM).voidsetSoftLimitExpiration(ZonedDateTime softLimitExpiration) Sets the soft-limit expiration date/time in UTC.voidsetSoftUsageLimit(Integer softUsageLimit) Sets the soft usage limit for this key.
-
Constructor Details
-
ImportKeySpec
public ImportKeySpec()No-args constructor.
-
-
Method Details
-
getModelVersion
Gets the modelVersion if any was provided (e.g., "v1.0").- Returns:
- the modelVersion string
-
setModelVersion
Sets the modelVersion if provided. It's optional and unused otherwise.- Parameters:
modelVersion- the version string from export
-
getKid
Gets the key identifier (kid).- Returns:
- kid
-
setKid
Sets the key identifier (kid). Must be non-null.- Parameters:
kid- the unique key identifier
-
getKty
Gets the key type (kty).- Returns:
- kty
-
setKty
Sets the key type, e.g. "RSA", "EC", "oct", "ML-KEM".- Parameters:
kty- the key type
-
getAlg
Gets the algorithm name.- Returns:
- alg
-
setAlg
Sets the algorithm name, e.g. "RSA-2048", "AES-256", "ML-KEM-768".- Parameters:
alg- the algorithm
-
getPublicKey
Gets the public key content (Base64 or PEM).- Returns:
- publicKey
-
setPublicKey
Sets the public key content (Base64 or PEM). For symmetric keys, this can be null.- Parameters:
publicKey- the public key in Base64 or PEM
-
getPrivateKey
Gets the private key content (Base64 or PEM).- Returns:
- privateKey
-
setPrivateKey
Sets the private key (Base64 or PEM). For symmetric keys (kty=oct), this may contain the entire secret.- Parameters:
privateKey- the private or secret key material
-
getKeyOps
Gets the permitted key operations.- Returns:
- keyOps
-
setKeyOps
Sets a list of permitted operations on this key, e.g. ["encrypt","decrypt"].- Parameters:
keyOps- a list of key operations
-
getExportable
Indicates if this key is exportable from the secure store.- Returns:
- true if exportable, false if not, or null if unspecified
-
setExportable
Sets whether this key is exportable.- Parameters:
exportable- true if exportable, false otherwise
-
getExpiresAt
Gets the absolute expiration date/time in UTC.- Returns:
- expiresAt or null
-
setExpiresAt
Sets the absolute expiration date/time in UTC. If you set this, the key may become invalid after this time.- Parameters:
expiresAt- a ZonedDateTime in UTC
-
getSoftLimitExpiration
Gets the soft-limit expiration date/time in UTC.- Returns:
- softLimitExpiration or null
-
setSoftLimitExpiration
Sets the soft-limit expiration date/time in UTC. Once reached, the system may issue warnings, but the key might still be usable untilexpiresAt.- Parameters:
softLimitExpiration- a ZonedDateTime in UTC
-
getMaxUsageLimit
Gets the maximum usage limit for this key. 0 or null = unlimited.- Returns:
- maxUsageLimit
-
setMaxUsageLimit
Sets the maximum usage limit for this key. 0 or null = unlimited.- Parameters:
maxUsageLimit- the limit
-
getSoftUsageLimit
Gets the soft usage limit, which triggers warnings before reachingmaxUsageLimit.- Returns:
- softUsageLimit
-
setSoftUsageLimit
Sets the soft usage limit for this key. If null, the system may default it tomaxUsageLimit.- Parameters:
softUsageLimit- the soft limit
-