Cumulus4j API
(1.2.0-SNAPSHOT)

org.cumulus4j.keystore
Class DateDependentKeyStrategy

java.lang.Object
  extended by org.cumulus4j.keystore.DateDependentKeyStrategy

public class DateDependentKeyStrategy
extends Object

Key management strategy determining the currently active encryption key by the current time.

See Date-dependent key-strategy for further details.

Author:
Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de

Nested Class Summary
static class DateDependentKeyStrategy.ActiveKey
          Descriptor of the active key.
 
Field Summary
static String PROPERTY_ACTIVE_FROM_TIMESTAMP_2_KEY_ID
          Name of the Property where the key-strategy's timestamp-to-key-map is stored.
 
Constructor Summary
DateDependentKeyStrategy(KeyStore keyStore)
          Create a new instance for the given KeyStore.
 
Method Summary
 DateDependentKeyStrategy.ActiveKey getActiveKey(String authUserName, char[] authPassword, Date timestamp)
           Get the details of the key which is / was / will be active at the given timestamp.
 KeyStore getKeyStore()
          Get the KeyStore that was passed to DateDependentKeyStrategy(KeyStore).
 void init(String userName, char[] password, long keyActivityPeriodMSec, long keyStorePeriodMSec)
           Initialise an empty KeyStore.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

PROPERTY_ACTIVE_FROM_TIMESTAMP_2_KEY_ID

public static final String PROPERTY_ACTIVE_FROM_TIMESTAMP_2_KEY_ID
Name of the Property where the key-strategy's timestamp-to-key-map is stored. The property is of type Long2LongSortedMapProperty.

See Also:
Constant Field Values

Constructor Detail

DateDependentKeyStrategy

public DateDependentKeyStrategy(KeyStore keyStore)
Create a new instance for the given KeyStore.

Parameters:
keyStore - the KeyStore to work with. Must not be null.

Method Detail

getKeyStore

public KeyStore getKeyStore()
Get the KeyStore that was passed to DateDependentKeyStrategy(KeyStore).

Returns:
the KeyStore this strategy instance works with. Never null.

init

public void init(String userName,
                 char[] password,
                 long keyActivityPeriodMSec,
                 long keyStorePeriodMSec)
          throws IOException,
                 KeyStoreNotEmptyException

Initialise an empty KeyStore.

This initialisation consists of creating a user and a few (thousand) keys. How many keys are created depends on the parameters keyActivityPeriodMSec and keyStorePeriodMSec. The keys are added to a Long2LongSortedMapProperty (i.e. a Map) with the key being the "from-timestamp" and the value being the key-ID. The "from-timestamp" is the time (inclusive) from which the key is used as the "active encryption key". The "active encryption key" is the key that is used for encryption in the app-server at a given moment in time.

Parameters:
userName - the initial user to be created.
password - the password for the initial user.
keyActivityPeriodMSec - how long (in milliseconds) each key should be valid. If < 1, the default value of 24 hours (= 86400000 msec) will be used.
keyStorePeriodMSec - how long the key store should have fresh, unused keys. This number divided by keyActivityPeriodMSec determines how many keys must be generated. If < 1, the default value of 50 years (50 * 365 days - ignoring leap years!) will be used.
Throws:
IOException - if writing to the key-store-file failed.
KeyStoreNotEmptyException - if the KeyStore is not empty.

getActiveKey

public DateDependentKeyStrategy.ActiveKey getActiveKey(String authUserName,
                                                       char[] authPassword,
                                                       Date timestamp)
                                                throws AuthenticationException

Get the details of the key which is / was / will be active at the given timestamp.

Parameters:
authUserName - the authenticated user authorizing this action.
authPassword - the password for authenticating the user specified by authUserName.
timestamp - the timestamp at which the active key should be determined. If null, NOW (new Date()) is assumed.
Returns:
the active key at the given timestamp.
Throws:
AuthenticationException - if the specified authUserName does not exist or the specified authPassword is not correct for the given authUserName.
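
The timestamp-to-key-ID map built by init and the lookup performed by getActiveKey can be modelled with a plain java.util.TreeMap. The following is an added sketch, not Cumulus4j code: the class KeyScheduleSketch, its methods, the sequential key IDs, the rounding up of the key count and the empty result outside the covered period are all assumptions made for illustration.

```java
import java.util.Map;
import java.util.OptionalLong;
import java.util.TreeMap;

/** Added sketch (hypothetical class): models the "from-timestamp" to key-ID map; not Cumulus4j code. */
public class KeyScheduleSketch {
    static final long DEFAULT_ACTIVITY_MSEC = 24L * 3600 * 1000;          // 24 hours, as documented for init
    static final long DEFAULT_STORE_MSEC = 50L * 365 * 24 * 3600 * 1000;  // 50 * 365 days, ignoring leap years

    private final TreeMap<Long, Long> activeFromTimestamp2KeyID = new TreeMap<>();
    private final long endExclusive; // first instant no longer covered by any generated key

    KeyScheduleSketch(long startMSec, long keyActivityPeriodMSec, long keyStorePeriodMSec) {
        // Values < 1 fall back to the documented defaults.
        long activity = keyActivityPeriodMSec < 1 ? DEFAULT_ACTIVITY_MSEC : keyActivityPeriodMSec;
        long store = keyStorePeriodMSec < 1 ? DEFAULT_STORE_MSEC : keyStorePeriodMSec;
        // Assumption: round up so that the whole store period is covered by keys.
        long keyCount = (store + activity - 1) / activity;
        for (long i = 0; i < keyCount; i++) {
            // Map key = from-timestamp (inclusive), map value = constructed key ID 1..n.
            activeFromTimestamp2KeyID.put(startMSec + i * activity, i + 1);
        }
        endExclusive = startMSec + keyCount * activity;
    }

    int keyCount() {
        return activeFromTimestamp2KeyID.size();
    }

    /** Key ID active at the timestamp; empty before the first key or once the keys are used up. */
    OptionalLong activeKeyID(long timestampMSec) {
        // floorEntry returns the entry with the greatest from-timestamp <= timestampMSec.
        Map.Entry<Long, Long> entry = activeFromTimestamp2KeyID.floorEntry(timestampMSec);
        if (entry == null || timestampMSec >= endExclusive) {
            return OptionalLong.empty();
        }
        return OptionalLong.of(entry.getValue());
    }

    public static void main(String[] args) {
        long start = 1_000_000L; // constructed start time in msec
        KeyScheduleSketch week = new KeyScheduleSketch(start, 0, 7 * DEFAULT_ACTIVITY_MSEC);
        System.out.println("keys generated:        " + week.keyCount());
        System.out.println("at start (inclusive):  " + week.activeKeyID(start));
        System.out.println("last msec of 1st key:  " + week.activeKeyID(start + DEFAULT_ACTIVITY_MSEC - 1));
        System.out.println("first msec of 2nd key: " + week.activeKeyID(start + DEFAULT_ACTIVITY_MSEC));
        System.out.println("before first key:      " + week.activeKeyID(start - 1));
        System.out.println("after key store period: " + week.activeKeyID(start + 7 * DEFAULT_ACTIVITY_MSEC));
        System.out.println("keys with defaults:    " + new KeyScheduleSketch(start, 0, 0).keyCount());
    }
}
```

With both defaults, the division described for keyStorePeriodMSec gives 50 * 365 = 18250 keys. Operators should monitor how close the current time is to the end of the generated schedule, since no fresh key exists beyond it.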

Copyright © 2013 NightLabs Consulting GmbH. All Rights Reserved.