net.shibboleth.utilities.java.support.security

Interface DataSealerKeyStrategy

All Known Implementing Classes:

BasicKeystoreKeyStrategy

public interface DataSealerKeyStrategy

Interface for acquiring secret keys on behalf of the DataSealer class, this principally abstracts methods of handling key versioning moreso than actual access to keys, by optimizing access to keys in accordance with the manner in which key rollover is handled.

Implementations are expected to guarantee good performance for access to a current "default" key, and may offer less performance on access to non-default keys.

Method Summary

Methods

Modifier and Type	Method and Description
Pair<String,SecretKey>	getDefaultKey() Get the default/current key to use for new operations, returned along with an identifier for it.
SecretKey	getKey(String name) Get a specifically named key.

Method Detail

getDefaultKey

@Nonnull
Pair<String,SecretKey> getDefaultKey()
                                     throws KeyException

Get the default/current key to use for new operations, returned along with an identifier for it.

Returns:

the key

Throws:

KeyException - if the key cannot be returned

getKey

@Nonnull
SecretKey getKey(@Nonnull@NotEmpty
                       String name)
                 throws KeyException

Get a specifically named key.

Parameters:

name - name of the key to retrieve

Returns:

the key

Throws:

KeyException - if the key cannot be returned, does not exist, etc.