blob: fa381c00df962ab720a322d12d3cc170bc1f4bf7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
// Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.security;
import java.util.Arrays;
import java.util.Objects;
import static com.yahoo.security.ArrayUtils.fromUtf8Bytes;
import static com.yahoo.security.ArrayUtils.toUtf8Bytes;
/**
* Represents a named key ID comprising an arbitrary (but length-limited)
* sequence of valid UTF-8 bytes.
*
* @author vekterli
*/
public class KeyId {
// Max length MUST be possible to fit in an unsigned byte; see SealedSharedKey token encoding/decoding.
public static final int MAX_KEY_ID_UTF8_LENGTH = 255;
private final byte[] keyIdBytes;
private KeyId(byte[] keyIdBytes) {
if (keyIdBytes.length > MAX_KEY_ID_UTF8_LENGTH) {
throw new IllegalArgumentException("Key ID is too large to be encoded (max is %d, got %d)"
.formatted(MAX_KEY_ID_UTF8_LENGTH, keyIdBytes.length));
}
verifyByteStringRoundtripsAsValidUtf8(keyIdBytes);
this.keyIdBytes = keyIdBytes;
}
/**
* Construct a KeyId containing the given sequence of bytes.
*
* @param keyIdBytes array of valid UTF-8 bytes. May be zero-length, but not null.
* Note: to avoid accidental mutations, the key bytes are deep-copied.
* @return a new KeyId instance
*/
public static KeyId ofBytes(byte[] keyIdBytes) {
Objects.requireNonNull(keyIdBytes);
return new KeyId(Arrays.copyOf(keyIdBytes, keyIdBytes.length));
}
/**
* Construct a KeyId containing the UTF-8 byte representation of the given string.
*
* @param keyId a string whose UTF-8 byte representation will be the key ID. May be
* zero-length but not null.
* @return a new KeyId instance
*/
public static KeyId ofString(String keyId) {
Objects.requireNonNull(keyId);
return new KeyId(toUtf8Bytes(keyId));
}
/**
* @return the raw backing byte array. <strong>Must therefore not be mutated.</strong>
*/
public byte[] asBytes() { return keyIdBytes; }
public String asString() { return fromUtf8Bytes(keyIdBytes); }
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
KeyId keyId = (KeyId) o;
return Arrays.equals(keyIdBytes, keyId.keyIdBytes);
}
@Override
public int hashCode() {
return Arrays.hashCode(keyIdBytes);
}
@Override
public String toString() {
return "KeyId(%s)".formatted(asString());
}
private static void verifyByteStringRoundtripsAsValidUtf8(byte[] byteStr) {
String asStr = fromUtf8Bytes(byteStr); // Replaces bad chars with a placeholder
byte[] asBytes = toUtf8Bytes(asStr);
if (!Arrays.equals(byteStr, asBytes)) {
throw new IllegalArgumentException("Key ID is not valid normalized UTF-8");
}
}
}
|
