Package net.shibboleth.shared.security
Interface DataSealerKeyStrategy
- All Known Implementing Classes:
BasicKeystoreKeyStrategy, ScriptedKeyStrategy
public interface DataSealerKeyStrategy
Interface for acquiring secret keys on behalf of the DataSealer class. It principally abstracts methods of handling key versioning more so than actual access to keys, by optimizing access to keys in accordance with the manner in which key rollover is handled.
Implementations are expected to guarantee good performance for access to a current "default" key, and may offer less performance on access to non-default keys.
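The rollover pattern this interface abstracts, as an added example that is not Shibboleth code: the `VersionedKeys` class, its `rollover` method, the key names and the `name:iv:ciphertext` token format are hypothetical stand-ins assumed for illustration. It shows why a by-name lookup is needed next to the fast default key: data sealed before a rollover must still resolve the key it was sealed under.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
public class KeyRolloverDemo { // added illustration; stand-in types, not the Shibboleth API
    record NamedKey(String name, SecretKey key) {}
    static class VersionedKeys { // hypothetical strategy: default cached, older keys by name
        private final Map<String, SecretKey> byName = new ConcurrentHashMap<>();
        private volatile NamedKey current;
        void rollover(String name) throws Exception {
            KeyGenerator kg = KeyGenerator.getInstance("AES");
            kg.init(256);
            byName.put(name, kg.generateKey());             // publish by name first
            current = new NamedKey(name, byName.get(name)); // then switch the default
        }
        NamedKey getDefaultKeyRecord() { return current; }
        SecretKey getKey(String name) {
            return Optional.ofNullable(byName.get(name))
                .orElseThrow(() -> new IllegalArgumentException("no such key: " + name));
        }
    }
    // Assumed token format "name:iv:ciphertext"; the key name is bound as GCM associated data.
    static String seal(VersionedKeys ks, String data) throws Exception {
        NamedKey nk = ks.getDefaultKeyRecord();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, nk.key(), new GCMParameterSpec(128, iv));
        c.updateAAD(nk.name().getBytes(StandardCharsets.UTF_8));
        byte[] ct = c.doFinal(data.getBytes(StandardCharsets.UTF_8));
        return nk.name() + ":" + Base64.getEncoder().encodeToString(iv) + ":" + Base64.getEncoder().encodeToString(ct);
    }
    static String unseal(VersionedKeys ks, String sealed) throws Exception {
        String[] p = sealed.split(":", 3);
        if (p.length != 3) throw new IllegalArgumentException("malformed token");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, ks.getKey(p[0]), new GCMParameterSpec(128, Base64.getDecoder().decode(p[1])));
        c.updateAAD(p[0].getBytes(StandardCharsets.UTF_8));
        return new String(c.doFinal(Base64.getDecoder().decode(p[2])), StandardCharsets.UTF_8);
    }
    public static void main(String[] args) throws Exception {
        VersionedKeys ks = new VersionedKeys();
        ks.rollover("secret1");
        String old = seal(ks, "session-data"); // constructed sample input, sealed under secret1
        ks.rollover("secret2");                // new default; secret1 stays retrievable by name
        System.out.println(unseal(ks, old));
    }
}
```

Because the key name is authenticated as associated data, a token whose name prefix is altered to point at a different key version fails decryption instead of being processed under the wrong key.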
Nested Class Summary
Nested Classes
- Modifier and Type: static final record
- Interface: DataSealerKeyStrategy.NamedKey
- Description: Encapsulates a named key managed by a strategy.
Method Summary
- getDefaultKey: Deprecated, for removal: This API element is subject to removal in a future version.
- getDefaultKeyRecord (default DataSealerKeyStrategy.NamedKey): Get an immutable record of the default named key.
- getKey: Get a specifically named key.
Method Details
getDefaultKey
@Deprecated(since="9.0.0", forRemoval=true)
@Nonnull Pair<String,SecretKey> getDefaultKey() throws KeyException
Deprecated, for removal: This API element is subject to removal in a future version.
Get the default/current key to use for new operations, returned along with an identifier for it.
- Returns:
- the key
- Throws:
KeyException - if the key cannot be returned
getDefaultKeyRecord
Get an immutable record of the default named key.
- Returns:
- default key record
- Throws:
KeyException - if the key is unobtainable
getKey
Get a specifically named key.
- Parameters:
name - name of the key to retrieve
- Returns:
- the key
- Throws:
KeyException - if the key cannot be returned, does not exist, etc.