Package org.cryptomator.cryptolib.common
Class DestroyableSecretKey
- java.lang.Object
  - org.cryptomator.cryptolib.common.DestroyableSecretKey
- All Implemented Interfaces: Serializable, AutoCloseable, Key, SecretKey, Destroyable
- Direct Known Subclasses: Masterkey
public class DestroyableSecretKey extends Object implements SecretKey, AutoCloseable
A SecretKey that, unlike the JDK's SecretKeySpec, actually implements Destroyable.

Furthermore, this implementation will not create copies when accessing getEncoded(). Instead it implements copy() and AutoCloseable in an exception-free manner. To prevent mutation of the exposed key, you would want to make sure to always work on scoped copies, such as in this example:

    // copy "key" to protect it from unwanted modifications:
    try (DestroyableSecretKey k = key.copy()) {
        // use "k":
        Cipher cipher = Cipher.getInstance(...);
        cipher.init(Cipher.ENCRYPT_MODE, k, ...);
        cipher.doFinal(...);
    } // "k" will get destroyed here

- See Also: Serialized Form

Field Summary
- Fields inherited from interface javax.crypto.SecretKey: serialVersionUID

Constructor Summary
- DestroyableSecretKey(byte[] key, int offset, int len, String algorithm): Creates a new destroyable secret key, copying the provided raw key bytes.
- DestroyableSecretKey(byte[] key, String algorithm): Convenience constructor for DestroyableSecretKey(byte[], int, int, String)

Method Summary
- void close(): Same as destroy()
- DestroyableSecretKey copy(): Returns an independent copy of this key
- void destroy()
- boolean equals(Object o)
- static DestroyableSecretKey from(Key secretKey): Casts or converts a given SecretKey to a DestroyableSecretKey
- static DestroyableSecretKey generate(SecureRandom csprng, String algorithm, int keyLenBytes): Creates a new key of given length and for use with given algorithm using entropy from the given csprng.
- String getAlgorithm()
- byte[] getEncoded(): Returns the raw key bytes this instance wraps.
- String getFormat()
- int hashCode()
- boolean isDestroyed()

Constructor Detail

DestroyableSecretKey
public DestroyableSecretKey(byte[] key, String algorithm)
Convenience constructor for DestroyableSecretKey(byte[], int, int, String)
- Parameters:
  key - The raw key data (will get copied)
  algorithm - The algorithm name

DestroyableSecretKey
public DestroyableSecretKey(byte[] key, int offset, int len, String algorithm)
Creates a new destroyable secret key, copying the provided raw key bytes.
- Parameters:
  key - A byte[] holding the key material (relevant part will get copied)
  offset - The offset within key where the key starts
  len - The number of bytes beginning at offset to read from key
  algorithm - The algorithm name

Method Detail

from
public static DestroyableSecretKey from(Key secretKey)
Casts or converts a given SecretKey to a DestroyableSecretKey
- Parameters:
  secretKey - The secret key
- Returns: Either the provided or a new key, depending on whether the provided key is already a DestroyableSecretKey

generate
public static DestroyableSecretKey generate(SecureRandom csprng, String algorithm, int keyLenBytes)
Creates a new key of given length and for use with given algorithm using entropy from the given csprng.
- Parameters:
  csprng - A cryptographically secure random number source
  algorithm - The key algorithm
  keyLenBytes - The length of the key (in bytes)
- Returns: A new secret key

getAlgorithm
public String getAlgorithm()
- Specified by: getAlgorithm in interface Key

getEncoded
public byte[] getEncoded()
Returns the raw key bytes this instance wraps.
Important: Any change to the returned array will reflect in this key. Make sure to make a local copy if you can't rule out mutations.
- Specified by: getEncoded in interface Key
- Returns: A byte array holding the secret key

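The scoped-copy pattern from the class description and the getEncoded() caveat above, shown together as an added example (not part of the cryptolib documentation or source). It assumes cryptolib is on the classpath; the class name ScopedKeyDemo, the AES-GCM parameters and the sample plaintext are constructed for illustration.

```java
import org.cryptomator.cryptolib.common.DestroyableSecretKey;

import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

// Hypothetical demo class; only the DestroyableSecretKey calls come from the documented API.
public class ScopedKeyDemo {

    // Hands the cipher a scoped copy, so nothing the cipher does to the key bytes reaches "key".
    static byte[] encrypt(DestroyableSecretKey key, byte[] nonce, byte[] plaintext)
            throws GeneralSecurityException {
        try (DestroyableSecretKey k = key.copy()) {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, nonce));
            return cipher.doFinal(plaintext);
        } // close() destroys the copy "k" only
    }

    public static void main(String[] args) throws GeneralSecurityException {
        SecureRandom csprng = new SecureRandom();
        byte[] nonce = new byte[12];
        csprng.nextBytes(nonce);
        try (DestroyableSecretKey key = DestroyableSecretKey.generate(csprng, "AES", 32)) {
            // Snapshot for comparison; clone() because getEncoded() returns the wrapped array.
            byte[] snapshot = key.getEncoded().clone();

            byte[] ct = encrypt(key, nonce, "constructed sample".getBytes(StandardCharsets.UTF_8));
            System.out.println("ciphertext length: " + ct.length);
            System.out.println("original destroyed: " + key.isDestroyed());
            System.out.println("original unchanged: " + MessageDigest.isEqual(snapshot, key.getEncoded()));

            // Writing to a copy's array does not touch the original key.
            try (DestroyableSecretKey scratch = key.copy()) {
                scratch.getEncoded()[0] ^= 0x01;
                System.out.println("after copy write: " + MessageDigest.isEqual(snapshot, key.getEncoded()));
            }

            // Writing to the original's array changes the key itself (the documented caveat).
            key.getEncoded()[0] ^= 0x01;
            System.out.println("after direct write: " + MessageDigest.isEqual(snapshot, key.getEncoded()));
            Arrays.fill(snapshot, (byte) 0); // wipe the plain byte[] snapshot ourselves
        }
    }
}
```
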
copy
public DestroyableSecretKey copy()
Returns an independent copy of this key
- Returns: New copy of this

destroy
public void destroy()
- Specified by: destroy in interface Destroyable

isDestroyed
public boolean isDestroyed()
- Specified by: isDestroyed in interface Destroyable

close
public void close()
Same as destroy()
- Specified by: close in interface AutoCloseable