001    /*
002     * Cumulus4j - Securing your data in the cloud - http://cumulus4j.org
003     * Copyright (C) 2011 NightLabs Consulting GmbH
004     *
005     * This program is free software: you can redistribute it and/or modify
006     * it under the terms of the GNU Affero General Public License as
007     * published by the Free Software Foundation, either version 3 of the
008     * License, or (at your option) any later version.
009     *
010     * This program is distributed in the hope that it will be useful,
011     * but WITHOUT ANY WARRANTY; without even the implied warranty of
012     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
013     * GNU Affero General Public License for more details.
014     *
015     * You should have received a copy of the GNU Affero General Public License
016     * along with this program.  If not, see <http://www.gnu.org/licenses/>.
017     */
018    package org.cumulus4j.store.crypto.keymanager;
019    
020    import java.util.Date;
021    
022    import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
023    import org.cumulus4j.crypto.CryptoRegistry;
024    
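/**
 * {@link CryptoCache}-entry wrapping a {@link AsymmetricCipherKeyPair key-pair} used for asymmetric en-/decryption of secret keys.
 * <p>
 * The expiry timestamp and the cached public-key encoding are handed out as copies only, so
 * that a caller cannot extend the lifetime of the key-pair or alter the encoding that later
 * callers receive. The key-pair itself is returned by reference (see {@link #getKeyPair()}).
 * @author Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de
 */
public class CryptoCacheKeyEncryptionKeyEntry
{
	private final AsymmetricCipherKeyPair keyPair;

	/** Expiry as milliseconds since the epoch; kept as a primitive so it cannot be mutated from outside. */
	private final long expiryTimestamp;

	/** Lazily created encoding of the public key; never handed out directly, only as a copy. */
	private byte[] encodedPublicKey;

	/**
	 * Create an instance.
	 * @param keyPair the key-pair used for en-/decrypting secret keys; must not be <code>null</code>.
	 * @param keyEncryptionKeyActivePeriodMSec the length (in milliseconds) how long the key-pair should be used.
	 * A value that is zero or negative yields an entry that is expired (almost) immediately. A value so large
	 * that adding it to the current time would overflow is clamped to {@link Long#MAX_VALUE}.
	 * @throws IllegalArgumentException if <code>keyPair</code> is <code>null</code>.
	 */
	protected CryptoCacheKeyEncryptionKeyEntry(AsymmetricCipherKeyPair keyPair, long keyEncryptionKeyActivePeriodMSec)
	{
		if (keyPair == null)
			throw new IllegalArgumentException("keyPair == null");

		this.keyPair = keyPair;

		// Saturate instead of wrapping around: without this, a very large period (e.g. Long.MAX_VALUE
		// meant as "practically never") overflows to a timestamp in the past and the entry is born expired.
		// 'now' is non-negative, hence 'Long.MAX_VALUE - now' cannot overflow itself.
		final long now = System.currentTimeMillis();
		this.expiryTimestamp = keyEncryptionKeyActivePeriodMSec > Long.MAX_VALUE - now
				? Long.MAX_VALUE
				: now + keyEncryptionKeyActivePeriodMSec;
	}

	/**
	 * Get the timestamp after which the key-pair expires. This instance of <code>CryptoCacheKeyEncryptionKeyEntry</code>
	 * should be evicted then.
	 * @return the timestamp after which the key-pair expires; never <code>null</code>. A new {@link Date}
	 * instance is returned on every call, so modifying it does not change the expiry of this entry.
	 */
	public Date getExpiry() {
		// java.util.Date is mutable; returning the internal instance would let any caller
		// push the expiry into the future via Date.setTime(...).
		return new Date(expiryTimestamp);
	}

	/**
	 * Determine, if this entry is expired.
	 * @return <code>true</code>, if the key-pair is expired and should not be used anymore; <code>false</code> otherwise.
	 */
	public boolean isExpired()
	{
		// Strictly greater: at exactly the expiry timestamp the entry still counts as valid.
		return System.currentTimeMillis() > expiryTimestamp;
	}

	/**
	 * Get the key-pair.
	 * <p>
	 * The returned object is the instance held by this entry, not a copy. This method does not check
	 * {@link #isExpired()}; callers have to do that themselves before using the key-pair.
	 * @return the key-pair; never <code>null</code>.
	 */
	public AsymmetricCipherKeyPair getKeyPair() {
		return keyPair;
	}

	/**
	 * Get the encoded (serialised) public key. This can be sent to the remote key-manager where
	 * {@link CryptoRegistry#decodePublicKey(byte[])} can be used to decode (deserialise) the byte array
	 * again.
	 * <p>
	 * The encoding is computed on first use and cached. The lazy initialisation is not synchronised;
	 * concurrent first calls may each compute the encoding.
	 * @return the encoded (serialised) public key. A fresh copy is returned on every call, so modifying
	 * the array does not affect the cached encoding.
	 */
	public byte[] getEncodedPublicKey()
	{
		byte[] encoded = encodedPublicKey;
		if (encoded == null) {
			encoded = CryptoRegistry.sharedInstance().encodePublicKey(keyPair.getPublic());
			encodedPublicKey = encoded;
		}

		// Hand out a copy: the cached array is shared by all callers, and an in-place change would
		// silently replace the public key that is subsequently sent to the key-manager.
		return encoded == null ? null : encoded.clone();
	}
}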