This project has retired. For details please refer to its Attic page.
AbstractKeyManager xref
View Javadoc

1   package org.apache.archiva.redback.keys;
2   
3   /*
4    * Copyright 2001-2006 The Apache Software Foundation.
5    *
6    * Licensed under the Apache License, Version 2.0 (the "License");
7    * you may not use this file except in compliance with the License.
8    * You may obtain a copy of the License at
9    *
10   *      http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  import java.security.NoSuchAlgorithmException;
20  import java.security.SecureRandom;
21  import java.util.Calendar;
22  import java.util.List;
23  import java.util.Random;
24  import java.util.TimeZone;
25  
26  import org.codehaus.plexus.digest.Hex;
27  import org.slf4j.Logger;
28  import org.slf4j.LoggerFactory;
29  
30  /**
31   * AbstractKeyManager 
32   *
33   * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
34   *
35   */
36  public abstract class AbstractKeyManager
37      implements KeyManager
38  {
39      protected Logger log = LoggerFactory.getLogger( getClass() );
40      
41      private static final int KEY_LENGTH = 16;
42  
43      private static final boolean SECURE = true;
44  
45      private boolean randomMode = SECURE;
46  
47      private SecureRandom secureRandom;
48  
49      private Random random;
50  
51      /**
52       * Generate a UUID using <a href="http://www.ietf.org/rfc/rfc4122.txt">RFC 4122</a> UUID generation of a 
53       * type 4 or randomly generated UUID.
54       * 
55       * @return the 32 character long UUID string.
56       * @throws KeyManagerException
57       */
58      protected String generateUUID()
59          throws KeyManagerException
60      {
61          byte vfour[] = new byte[KEY_LENGTH];
62  
63          if ( isRandomMode() == SECURE )
64          {
65              if ( secureRandom == null )
66              {
67                  try
68                  {
69                      secureRandom = SecureRandom.getInstance( "SHA1PRNG" );
70                  }
71                  catch ( NoSuchAlgorithmException e )
72                  {
73                      setRandomMode( !SECURE );
74                      log.warn( "Unable to use SecureRandom", e );
75                  }
76              }
77  
78              if ( isRandomMode() == SECURE )
79              {
80                  secureRandom.nextBytes( vfour );
81              }
82          }
83  
84          if ( isRandomMode() != SECURE )
85          {
86              if ( random == null )
87              {
88                  random = new Random();
89              }
90  
91              random.nextBytes( vfour );
92          }
93  
94          vfour[6] &= 0x0F;
95          vfour[6] |= ( 4 << 4 );
96          vfour[8] &= 0x3F;
97          vfour[8] |= 0x80;
98  
99          return Hex.encode( vfour );
100     }
101 
102     /**
103      * Tests the key to see if it is expired or not.
104      * 
105      * If the key is expired, a call to {@link #removeExpiredKey(AuthenticationKey)} is issued,
106      * and a {@link KeyNotFoundException} is thrown.
107      * 
108      * @param authkey the key to test.
109      * @throws KeyNotFoundException if the key is expired.
110      * @throws KeyManagerException if there was a problem removing the key.
111      */
112     protected void assertNotExpired( AuthenticationKey authkey )
113         throws KeyNotFoundException, KeyManagerException
114     {
115         if ( authkey.getDateExpires() == null )
116         {
117             // No expiration means a permanent entry.
118             return;
119         }
120     
121         // Test for expiration.
122         Calendar now = getNowGMT();
123         Calendar expiration = getNowGMT();
124         expiration.setTime( authkey.getDateExpires() );
125     
126         if ( now.after( expiration ) )
127         {
128             deleteKey( authkey );
129             throw new KeyNotFoundException( "Key [" + authkey.getKey() + "] has expired." );
130         }
131     }
132 
133     protected Calendar getNowGMT()
134     {
135         return Calendar.getInstance( TimeZone.getTimeZone( "GMT" ) );
136     }
137 
138     public void setRandomMode( boolean randomMode )
139     {
140         this.randomMode = randomMode;
141     }
142 
143     public boolean isRandomMode()
144     {
145         return randomMode;
146     }
147 
148     public void removeExpiredKeys()
149         throws KeyManagerException
150     {
151         List<AuthenticationKey> allKeys = getAllKeys();
152 
153         Calendar now = getNowGMT();
154         Calendar expiration = getNowGMT();
155 
156         log.info( "Removing expired keys." );
157         for ( AuthenticationKey authkey : allKeys )
158         {
159             if ( authkey.getDateExpires() != null )
160             {
161                 expiration.setTime( authkey.getDateExpires() );
162 
163                 if ( now.after( expiration ) )
164                 {
165                     deleteKey( authkey );
166                 }
167             }
168         }
169         log.info( "Expired keys removed." );
170     }
171 }