K - The type of the keys.

@ThreadSafe public abstract class SafeKeyProvider<K extends SafeKey<K>> extends Object implements KeyProvider<K>
SafeKey
).
A clone of this key is returned on each call to getWriteKey() and getReadKey(boolean).

Modifier and Type | Field and Description |
---|---|
static int | MIN_KEY_RETRY_DELAY - The minimum delay between subsequent attempts to verify a key in milliseconds. |

Modifier | Constructor and Description |
---|---|
protected | SafeKeyProvider() - Constructs a new safe key provider. |

Modifier and Type | Method and Description |
---|---|
protected K | getKey() |
K | getReadKey(boolean invalid) - Returns the secret key for reading a protected resource. |
K | getWriteKey() - Returns the secret key for writing a protected resource. |
protected abstract void | retrieveReadKey(boolean invalid) - Retrieves the secret key for the decryption of a protected resource. |
protected abstract void | retrieveWriteKey() - Retrieves the secret key for the encryption of a protected resource. |
void | setKey(K newKey) - Sets the secret key programmatically. |

public static final int MIN_KEY_RETRY_DELAY
getReadKey(boolean) by the same thread if the parameter invalid is true.

@CheckForNull protected K getKey()

public final K getReadKey(boolean invalid) throws UnknownKeyException

Important: From a KeyProvider perspective, a client is not trustworthy! Hence, the implementation should throttle the pace for the return from a subsequent call to this method if the key is invalid in order to protect against an exhaustive search for the correct key. As a rule of thumb, at least three seconds should pass between two consecutive calls to this method by the same thread.

The implementation in SafeKeyProvider forwards the call to retrieveReadKey(boolean) and enforces a three-second suspension penalty if invalid is true before returning. Because this method is final, this qualifies the implementation in this class as a "safe" KeyProvider implementation, even when subclassed.
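
The throttling pattern described above, as an added Java illustration (not TrueZIP source code): a final getReadKey(boolean) forwards to a subclass hook and, whenever invalid is true, suspends the calling thread until three seconds have passed since its previous call. The names ThrottledKeyProvider and ThrottleDemo, the char[] key type, the per-thread timestamp and the use of IllegalStateException in place of UnknownKeyException are assumptions made for this example.

```java
import java.util.concurrent.TimeUnit;

// Added illustration with hypothetical names; not TrueZIP source code.
abstract class ThrottledKeyProvider {
    // Assumed value: the three seconds named in the rule of thumb, in milliseconds.
    static final long MIN_RETRY_DELAY_MS = 3_000;

    // Per-thread timestamp of the previous call, so one thread's penalty never stalls another.
    private final ThreadLocal<Long> lastCallNanos = new ThreadLocal<>();
    private char[] key; // guarded by this

    /** Subclass hook: obtain the key (prompt, key store, ...) and pass it to setKey. */
    protected abstract void retrieveReadKey(boolean invalid);

    public final synchronized void setKey(char[] newKey) {
        key = newKey == null ? null : newKey.clone(); // protective copy
    }

    /** Final, so a subclass cannot remove the penalty. */
    public final char[] getReadKey(boolean invalid) throws InterruptedException {
        retrieveReadKey(invalid);
        if (invalid) {
            Long last = lastCallNanos.get();
            long waitMs = last == null ? MIN_RETRY_DELAY_MS
                    : MIN_RETRY_DELAY_MS - TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - last);
            if (waitMs > 0) Thread.sleep(waitMs); // sleep outside the lock
        }
        lastCallNanos.set(System.nanoTime());
        synchronized (this) {
            if (key == null) throw new IllegalStateException("key is unknown");
            return key.clone(); // callers get a clone, never the stored key
        }
    }
}

public class ThrottleDemo {
    public static void main(String[] args) throws InterruptedException {
        ThrottledKeyProvider provider = new ThrottledKeyProvider() {
            @Override protected void retrieveReadKey(boolean invalid) {
                setKey("constructed-sample-key".toCharArray()); // constructed sample value
            }
        };
        provider.getReadKey(false);  // first attempt: no delay
        long start = System.nanoTime();
        provider.getReadKey(true);   // client reports the key as invalid: penalty applies
        long elapsedMs = TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - start);
        System.out.println("retry returned after " + elapsedMs + " ms");
    }
}
```

Sleeping outside the synchronized block keeps the penalty confined to the thread that reported the invalid key.
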
getReadKey in interface KeyProvider<K extends SafeKey<K>>
invalid - true iff a previous call to this method returned an invalid key.
invalid is true, subsequent calls to this method return a secret key which at least compares equal to this secret key, but is not necessarily the same.
UnknownKeyException - If retrieveReadKey throws this exception or the secret key is still null.

public final K getWriteKey() throws UnknownKeyException
The implementation in SafeKeyProvider forwards the call to retrieveWriteKey().
getWriteKey in interface KeyProvider<K extends SafeKey<K>>
equal to this secret key, but is not necessarily the same.
UnknownKeyException - If retrieveWriteKey throws this exception or the secret key is still null.

protected abstract void retrieveReadKey(boolean invalid) throws UnknownKeyException
Subsequent calls to this method may return the same object.
UnknownKeyException - If the secret key is unknown. At the subclass's discretion, this may mean that prompting for the key has been disabled or cancelled by the user.
getReadKey(boolean)

protected abstract void retrieveWriteKey() throws UnknownKeyException
Subsequent calls to this method may return the same object.
UnknownKeyException - If the secret key is unknown. At the subclass's discretion, this may mean that prompting for the key has been disabled or cancelled by the user.
getWriteKey()

public void setKey(@CheckForNull K newKey)
KeyProvider
KeyProvider.getReadKey(boolean) in order to update some properties of the secret key after it has been validated by the client.
Implementations should make a protective copy of the given key in order to protect against subsequent modifications by the client.
setKey in interface KeyProvider<K extends SafeKey<K>>
newKey - the secret key. If this is null, this key provider is set to a state as if prompting for the secret key had been cancelled.

Copyright © 2005–2018 Schlichtherle IT Services. All rights reserved.