The present application relates generally to an improved data processing apparatus and method and more specifically to mechanisms for calculating state of cryptographic objects and generating search filters for querying cryptographic objects based on the given state or on the given combination of unique states.
Cryptography is used to secure many information-technology systems, ranging from encrypting data on storage and establishing virtual private networks to protecting communication with mobile devices and using certificates for e-commerce over the Internet. All uses of cryptography rely on the proper keys being present. Key management deals with the lifecycle of cryptographic keys, with operations for creating, importing, storing, reading, updating, exporting, and deleting keys, and with distributing keys before they are used in cryptographic functions. An important aspect is to manage the attributes of keys that govern their usage and their relation to other keys.
The lifecycle of any cryptographic object, such as a cryptographic key, involves state transitions. Some of these state transitions happen automatically with the passage of time and some are triggered by the keepers of the cryptographic object. Knowing the most up-to-date state of a cryptographic object is required for applications that manage cryptographic objects to make correct decisions about the future disposition of the object or the new state's impact on the object's current use. Consequently, applications that manage cryptographic objects must be able to search for cryptographic objects in a certain state or combination of unique states.