author | gjoranv <gjoranv@gmail.com> | 2023-09-21 18:13:53 +0200 |
---|---|---|
committer | gjoranv <gjoranv@gmail.com> | 2023-09-25 10:26:39 +0200 |
commit | ce541bca4f4021d2b10c17c2a82e9bcd597428a3 (patch) | |
tree | 7ec7218b4b7533be6f50b3f95ee7d3f10be5013b /config-provisioning | |
parent | 2f9bf822d9817a24ef070b7e69e3cbc429d43338 (diff) |
Encapsulate wiregaurd key + timestamp in new class
- Use 'wireguard' object with key and timestamp for Rest api.
- Keep zk node format unchanged.
Diffstat (limited to 'config-provisioning')
-rw-r--r-- | config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java b/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java
new file mode 100644
index 00000000000..ecc1cf71113
--- /dev/null
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java
@@ -0,0 +1,39 @@
+package com.yahoo.config.provision;
+
+import com.yahoo.jdisc.Timer;
+
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.Random;
+
+/**
+ * @author gjoranv
+ */
+public record WireguardKeyWithTimestamp(WireguardKey key, Instant timestamp) {
+
+ public static final int KEY_ROTATION_BASE = 60;
+ public static final int KEY_ROTATION_VARIANCE = 10;
+ public static final int KEY_EXPIRY = KEY_ROTATION_BASE + KEY_ROTATION_VARIANCE + 5;
+
+ public WireguardKeyWithTimestamp {
+ if (key == null) throw new IllegalArgumentException("Wireguard key cannot be null");
+ if (timestamp == null) timestamp = Instant.EPOCH;
+ }
+
+ public static WireguardKeyWithTimestamp from(String key, long msTimestamp) {
+ return new WireguardKeyWithTimestamp(WireguardKey.from(key), Instant.ofEpochMilli(msTimestamp));
+ }
+
+ public boolean isDueForRotation(Timer timer, ChronoUnit unit, Random random) {
+ return timer.currentTime().isAfter(keyRotationDueAt(unit, random));
+ }
+
+ public boolean hasExpired(Timer timer, ChronoUnit unit) {
+ return timer.currentTime().isAfter(timestamp.plus(KEY_EXPIRY, unit));
+ }
+
+ private Instant keyRotationDueAt(ChronoUnit unit, Random random) {
+ return timestamp.plus(KEY_ROTATION_BASE + random.nextInt(KEY_ROTATION_VARIANCE), unit);
+ }
+
+} |
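Review bot: The lifetime constants `KEY_ROTATION_BASE`, `KEY_ROTATION_VARIANCE` and `KEY_EXPIRY` carry no unit, and `isDueForRotation` and `hasExpired` each take the `ChronoUnit` from the caller, so the intended margin (expiry 5 units after the latest rotation point) holds only if every caller passes the same unit to both checks. I would document that on the constants, e.g. `/** Counts in the ChronoUnit supplied by the caller; rotation and expiry checks must use the same unit. */`, or fix the unit inside the record so the key-lifetime policy lives in one place. `keyRotationDueAt` also draws a fresh `random.nextInt(KEY_ROTATION_VARIANCE)` on every call, so repeated checks of the same key can disagree and a polling caller will tend to rotate close to the base value; if that is intended it deserves a comment. The compact constructor maps a null timestamp to `Instant.EPOCH`, which in practice makes such a key report as both expired and due for rotation, and that is worth stating in the record's Javadoc, which currently holds only `@author`.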