1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
20 package org.apache.shiro.crypto.cipher;
21
22 /**
23 * ByteSourceBroker holds an encrypted value to decrypt it on demand.
24 * <br/>
25 * {@link #useBytes(ByteSourceUser)} method is designed for dictating
26 * developers to use the byte source in a special way, to prevent its prevalence
27 * and difficulty of managing & zeroing that critical information at end of use.
28 * <br/>
29 * For exceptional cases we allow developers to use the other method,
30 * {@link #getClonedBytes()}, but it's not advised.
31 */
32 public interface ByteSourceBroker {
33 /**
34 * This method accepts an implementation of ByteSourceUser functional interface.
35 * <br/>
36 * To limit the decrypted value's existence, developers should maintain the
37 * implementation part as short as possible.
38 *
39 * @param user Implements a use-case for the decrypted value.
40 */
41 void useBytes(ByteSourceUser user);
42
43 /**
44 * As the name implies, this returns a cloned byte array
45 * and caller has a responsibility to wipe it out at end of use.
46 */
47 byte[] getClonedBytes();
48 }