DateDependentKeyStrategy (org.cumulus4j.aggregator 1.2.0-SNAPSHOT API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Cumulus4j API
(1.2.0-SNAPSHOT)

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.cumulus4j.keystore
Class DateDependentKeyStrategy

java.lang.Object
  org.cumulus4j.keystore.DateDependentKeyStrategy

public class DateDependentKeyStrategy
extends Object
extends Object

Key management strategy determining the currently active encryption key by the current time.

See Date-dependent key-strategy for further details.

Author:: Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de

Nested Class Summary
`static class`	`DateDependentKeyStrategy.ActiveKey` Descriptor of the active key.

Field Summary
`static String`	`PROPERTY_ACTIVE_FROM_TIMESTAMP_2_KEY_ID` Name of the `Property` where the key-strategy's timestamp-to-key-map is stored.

Constructor Summary
`DateDependentKeyStrategy(KeyStore keyStore)` Create a new instance for the given `KeyStore`.

Method Summary
`DateDependentKeyStrategy.ActiveKey`	`getActiveKey(String authUserName, char[] authPassword, Date timestamp)` Get the details of the key which is / was / will be active at the given `timestamp`.
`KeyStore`	`getKeyStore()` Get the `KeyStore` that was passed to `DateDependentKeyStrategy(KeyStore)`.
`void`	`init(String userName, char[] password, long keyActivityPeriodMSec, long keyStorePeriodMSec)` Initialise an `empty` `KeyStore`.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

PROPERTY_ACTIVE_FROM_TIMESTAMP_2_KEY_ID

public static final String PROPERTY_ACTIVE_FROM_TIMESTAMP_2_KEY_ID

Name of the Property where the key-strategy's timestamp-to-key-map is stored. The property is of type Long2LongSortedMapProperty.

See Also:: Constant Field Values

Constructor Detail

DateDependentKeyStrategy

public DateDependentKeyStrategy(KeyStore keyStore)

Create a new instance for the given KeyStore.

Parameters:: keyStore - the KeyStore to work with. Must not be null.

Method Detail

getKeyStore

public KeyStore getKeyStore()

Get the KeyStore that was passed to DateDependentKeyStrategy(KeyStore).

Returns:: the KeyStore this strategy instance works with. Never null.

init

public void init(String userName,
                 char[] password,
                 long keyActivityPeriodMSec,
                 long keyStorePeriodMSec)
          throws IOException,
                 KeyStoreNotEmptyException

Initialise an empty KeyStore.

This initialisation consists of creating a user and a few (thousand) keys. How many keys, depends on the parameters keyActivityPeriodMSec and keyStorePeriodMSec. The keys are added to a Long2LongSortedMapProperty (i.e. a Map) with the key being the "from-timestamp" and the value being the key-ID. The "from-timestamp" is the time (including) from which on the key will be used as "active encryption key". The "active encryption key" is the key, that will be used for encryption in the app-server at a certain moment in time.

Parameters:: userName - the initial user to be created.; password - the password for the initial user.; keyActivityPeriodMSec - how long (in millisec) should each key be valid. If < 1, the default value of 24 hours (= 86400000 msec) will be used.; keyStorePeriodMSec - how long should the key store have fresh, unused keys. This number divided by the keyActivityPeriodMSec determines, how many keys must be generated. If < 1, the default value of 50 years (50 * 365 days - ignoring leap years!) will be used.
Throws:: IOException - if writing to the key-store-file failed.; KeyStoreNotEmptyException - if the KeyStore is not empty.

getActiveKey

public DateDependentKeyStrategy.ActiveKey getActiveKey(String authUserName,
                                                       char[] authPassword,
                                                       Date timestamp)
                                                throws AuthenticationException

Get the details of the key which is / was / will be active at the given timestamp.

Parameters:: authUserName - the authenticated user authorizing this action.; authPassword - the password for authenticating the user specified by authUserName.; timestamp - the timestamp at which the active key should be determined. If null, NOW (new Date()) is assumed.
Returns:: the active key at the given timestamp.
Throws:: AuthenticationException - if the specified authUserName does not exist or the specified authPassword is not correct for the given authUserName.