SecretKeyStore.java

/*
 * GovWay - A customizable API Gateway 
 * https://govway.org
 * 
 * Copyright (c) 2005-2024 Link.it srl (https://link.it). 
 * 
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 3, as published by
 * the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */

package org.openspcoop2.security.keystore;

import java.io.Serializable;

import javax.crypto.SecretKey;

import org.openspcoop2.security.SecurityException;
import org.openspcoop2.utils.certificate.SymmetricKeyUtils;
import org.openspcoop2.utils.certificate.byok.BYOKRequestParams;

/**
 * SecretKeyStore
 *
 * @author Andrea Poli (apoli@link.it)
 * @author $Author$
 * @version $Rev$, $Date$
 */
public class SecretKeyStore implements Serializable {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;
	
	private String secretKeyPath;
	
	private byte[] secretKeyContent;
	private transient SecretKey secretKey;
	
	private String algorithm;
	
	@Override
	public String toString() {
		StringBuilder bf = new StringBuilder();
		bf.append("SecretKeyStore (public:").append(this.secretKeyPath).append(")");
		return bf.toString();
	}
	
	public SecretKeyStore(String secretKeyPath, String algorithm) throws SecurityException{
		this(secretKeyPath, algorithm, null);
	}
	public SecretKeyStore(String secretKeyPath, String algorithm, BYOKRequestParams requestParams) throws SecurityException{
	
		this.secretKeyPath = secretKeyPath;
				
		this.algorithm = algorithm==null ? SymmetricKeyUtils.ALGO_AES : algorithm;
		
		this.secretKeyContent = StoreUtils.readContent("SecretKey", this.secretKeyPath);
		
		this.secretKeyContent = StoreUtils.unwrapBYOK(this.secretKeyContent, requestParams);
			
	}
	
	public SecretKeyStore(byte[] secretKey, String algorithm) throws SecurityException{
		this(secretKey, algorithm, null);
	}
	public SecretKeyStore(byte[] secretKey, String algorithm, BYOKRequestParams requestParams) throws SecurityException{

		try{			
			if(secretKey==null){
				throw new SecurityException("Store publicKey non indicato");
			}
			this.secretKeyContent = secretKey;
			
			this.secretKeyContent = StoreUtils.unwrapBYOK(this.secretKeyContent, requestParams);

			this.algorithm = algorithm==null ? SymmetricKeyUtils.ALGO_AES : algorithm;
			
		}catch(Exception e){
			throw new SecurityException(e.getMessage(),e);
		}
		
	}

	public SecretKey getSecretKey() throws SecurityException {
		if(this.secretKey==null) {
			initializeSecretKey();
		}
		return this.secretKey;
	}
	private synchronized void initializeSecretKey() throws SecurityException {
		if(this.secretKey==null) {
			try {
				this.secretKey = SymmetricKeyUtils.getInstance(this.algorithm).getSecretKey(this.secretKeyContent);
			}catch(Exception e){
				throw new SecurityException("Load public key failed: "+e.getMessage(),e);
			}
		}
	}
	
}