org.apache.archiva.redback.keys.AbstractKeyManager Maven / Gradle / Ivy
package org.apache.archiva.redback.keys;
/*
* Copyright 2001-2006 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.List;
import java.util.Random;
import java.util.TimeZone;
import org.codehaus.plexus.digest.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* AbstractKeyManager
*
* @author Joakim Erdfelt
*
*/
public abstract class AbstractKeyManager
implements KeyManager
{
protected Logger log = LoggerFactory.getLogger( getClass() );
private static final int KEY_LENGTH = 16;
private static final boolean SECURE = true;
private boolean randomMode = SECURE;
private SecureRandom secureRandom;
private Random random;
/**
* Generate a UUID using RFC 4122 UUID generation of a
* type 4 or randomly generated UUID.
*
* @return the 32 character long UUID string.
* @throws KeyManagerException
*/
protected String generateUUID()
throws KeyManagerException
{
byte vfour[] = new byte[KEY_LENGTH];
if ( isRandomMode() == SECURE )
{
if ( secureRandom == null )
{
try
{
secureRandom = SecureRandom.getInstance( "SHA1PRNG" );
}
catch ( NoSuchAlgorithmException e )
{
setRandomMode( !SECURE );
log.warn( "Unable to use SecureRandom", e );
}
}
if ( isRandomMode() == SECURE )
{
secureRandom.nextBytes( vfour );
}
}
if ( isRandomMode() != SECURE )
{
if ( random == null )
{
random = new Random();
}
random.nextBytes( vfour );
}
vfour[6] &= 0x0F;
vfour[6] |= ( 4 << 4 );
vfour[8] &= 0x3F;
vfour[8] |= 0x80;
return Hex.encode( vfour );
}
/**
* Tests the key to see if it is expired or not.
*
* If the key is expired, a call to {@link #deleteKey(AuthenticationKey)} is issued,
* and a {@link KeyNotFoundException} is thrown.
*
* @param authkey the key to test.
* @throws KeyNotFoundException if the key is expired.
* @throws KeyManagerException if there was a problem removing the key.
*/
protected void assertNotExpired( AuthenticationKey authkey )
throws KeyNotFoundException, KeyManagerException
{
if ( authkey.getDateExpires() == null )
{
// No expiration means a permanent entry.
return;
}
// Test for expiration.
Calendar now = getNowGMT();
Calendar expiration = getNowGMT();
expiration.setTime( authkey.getDateExpires() );
if ( now.after( expiration ) )
{
deleteKey( authkey );
throw new KeyNotFoundException( "Key [" + authkey.getKey() + "] has expired." );
}
}
protected Calendar getNowGMT()
{
return Calendar.getInstance( TimeZone.getTimeZone( "GMT" ) );
}
public void setRandomMode( boolean randomMode )
{
this.randomMode = randomMode;
}
public boolean isRandomMode()
{
return randomMode;
}
public void removeExpiredKeys()
throws KeyManagerException
{
List allKeys = getAllKeys();
Calendar now = getNowGMT();
Calendar expiration = getNowGMT();
log.info( "Removing expired keys." );
for ( AuthenticationKey authkey : allKeys )
{
if ( authkey.getDateExpires() != null )
{
expiration.setTime( authkey.getDateExpires() );
if ( now.after( expiration ) )
{
deleteKey( authkey );
}
}
}
log.info( "Expired keys removed." );
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy