public abstract static class KeyTypeManager.KeyFactory<KeyFormatProtoT extends com.google.protobuf.MessageLite,KeyProtoT extends com.google.protobuf.MessageLite> extends Object
KeyFactory creates new keys from a given KeyFormat.
A KeyFactory implements all the methods which are required if a KeyTypeManager should also be able to generate keys. In particular, in this case it needs to have some KeyFormat protocol buffer which can be validated, parsed, and from which a key can be generated.
| Modifier and Type | Class and Description |
|---|---|
static class |
KeyTypeManager.KeyFactory.KeyFormat<KeyFormatProtoT>
A container that contains key format and other information that form key templates supported
by this factory.
|
| Constructor and Description |
|---|
KeyFactory(Class<KeyFormatProtoT> clazz) |
| Modifier and Type | Method and Description |
|---|---|
abstract KeyProtoT |
createKey(KeyFormatProtoT keyFormat)
Creates a new key from a given format.
|
KeyProtoT |
deriveKey(KeyFormatProtoT keyFormat,
InputStream pseudoRandomness)
Derives a new key from a given format, using the given
pseudoRandomness. |
Class<KeyFormatProtoT> |
getKeyFormatClass()
Returns the class corresponding to the key format protobuffer.
|
Map<String,KeyTypeManager.KeyFactory.KeyFormat<KeyFormatProtoT>> |
keyFormats()
Returns supported key formats and their names.
|
abstract KeyFormatProtoT |
parseKeyFormat(com.google.protobuf.ByteString byteString)
Parses a serialized key proto.
|
protected static void |
readFully(InputStream input,
byte[] output)
Reads
output.length number of bytes of (pseudo)randomness from the input
stream into the provided output buffer. |
abstract void |
validateKeyFormat(KeyFormatProtoT keyFormatProto)
Checks if the given
keyFormatProto is a valid key. |
public KeyFactory(Class<KeyFormatProtoT> clazz)
public final Class<KeyFormatProtoT> getKeyFormatClass()
public abstract void validateKeyFormat(KeyFormatProtoT keyFormatProto) throws GeneralSecurityException
keyFormatProto is a valid key.GeneralSecurityException - if the passed keyFormatProto is not valid in any
way.public abstract KeyFormatProtoT parseKeyFormat(com.google.protobuf.ByteString byteString) throws com.google.protobuf.InvalidProtocolBufferException
Implement as return KeyFormatProtoT.parseFrom(byteString);.
com.google.protobuf.InvalidProtocolBufferExceptionpublic abstract KeyProtoT createKey(KeyFormatProtoT keyFormat) throws GeneralSecurityException
GeneralSecurityExceptionpublic KeyProtoT deriveKey(KeyFormatProtoT keyFormat, InputStream pseudoRandomness) throws GeneralSecurityException
pseudoRandomness.
Implementations need to note that the given paramter pseudoRandomness may only
produce a finite amount of randomness. Hence, proper implementations will first obtain all
the pseudorandom bytes needed; and only after produce the key.
While validateKeyFormat is called before this method will be called,
implementations must check the version of the given keyFormat, as validateKeyFormat is also called from createKey.
Not every KeyTypeManager needs to implement this; if not implemented a GeneralSecurityException will be thrown.
GeneralSecurityExceptionpublic Map<String,KeyTypeManager.KeyFactory.KeyFormat<KeyFormatProtoT>> keyFormats() throws GeneralSecurityException
GeneralSecurityException - Key type managers can throw GeneralSecurityException when
their key formats depend on other key formats that were not registered.protected static void readFully(InputStream input, byte[] output) throws IOException, GeneralSecurityException
output.length number of bytes of (pseudo)randomness from the input
stream into the provided output buffer.
Note that this method will not close the input stream.GeneralSecurityException - when not enough randomness was provided in the input
stream.IOException