final class SessionKeyStoreWithInMemoryCache extends SessionKeyStore with ConfirmationRequestSessionKeyStore
- Alphabetic
- By Inheritance
- SessionKeyStoreWithInMemoryCache
- ConfirmationRequestSessionKeyStore
- SessionKeyStore
- AnyRef
- Any
- Hide All
- Show All
- Public
- Protected
Instance Constructors
- new SessionKeyStoreWithInMemoryCache(sessionKeysCacheConfig: SessionEncryptionKeyCacheConfig)(implicit executionContext: ExecutionContext)
Value Members
- final def !=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def ##: Int
- Definition Classes
- AnyRef → Any
- final def ==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def asInstanceOf[T0]: T0
- Definition Classes
- Any
- def clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.CloneNotSupportedException]) @IntrinsicCandidate() @native()
- def convertStore(implicit executionContext: ExecutionContext): ConfirmationRequestSessionKeyStore
If the session store is set, we use it to store our session keys and reuse them across transactions.
If the session store is set, we use it to store our session keys and reuse them across transactions. Otherwise, if the 'global' session store is disabled, we create a local cache that is valid only for a single transaction.
- Definition Classes
- SessionKeyStore
- final def eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- def equals(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef → Any
- final def getClass(): Class[_ <: AnyRef]
- Definition Classes
- AnyRef → Any
- Annotations
- @IntrinsicCandidate() @native()
- def getSessionKeyInfoIfPresent(recipients: RecipientGroup): Option[SessionKeyInfo]
- Attributes
- protected[canton]
- Definition Classes
- ConfirmationRequestSessionKeyStore
- Annotations
- @VisibleForTesting()
- def getSessionKeyRandomness(privateCrypto: CryptoPrivateApi, keySizeInBytes: Int, encryptedRandomness: AsymmetricEncrypted[SecureRandomness])(implicit tc: TraceContext, ec: ExecutionContext): EitherT[FutureUnlessShutdown, DecryptionError, SecureRandomness]
- Definition Classes
- ConfirmationRequestSessionKeyStore
- def getSessionKeyRandomnessIfPresent(encryptedRandomness: AsymmetricEncrypted[SecureRandomness]): Option[SecureRandomness]
- Attributes
- protected[canton]
- Definition Classes
- ConfirmationRequestSessionKeyStore
- def getSessionKeysInfoIfPresent(recipients: Seq[RecipientGroup]): Map[RecipientGroup, SessionKeyInfo]
- Attributes
- protected[canton]
- Definition Classes
- ConfirmationRequestSessionKeyStore
- def hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @IntrinsicCandidate() @native()
- final def isInstanceOf[T0]: Boolean
- Definition Classes
- Any
- final def ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- final def notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @IntrinsicCandidate() @native()
- final def notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @IntrinsicCandidate() @native()
- def saveSessionKeysInfo(toSave: Map[RecipientGroup, SessionKeyInfo]): Unit
- Attributes
- protected[canton]
- Definition Classes
- ConfirmationRequestSessionKeyStore
- lazy val sessionKeysCacheReceiver: Cache[AsymmetricEncrypted[SecureRandomness], SecureRandomness]
This cache keeps track of the matching encrypted randomness for the session keys and their correspondent unencrypted value.
This cache keeps track of the matching encrypted randomness for the session keys and their correspondent unencrypted value. This way we can save on the amount of asymmetric decryption operations.
- Attributes
- protected
- Definition Classes
- SessionKeyStoreWithInMemoryCache → ConfirmationRequestSessionKeyStore
- lazy val sessionKeysCacheSender: Cache[RecipientGroup, SessionKeyInfo]
This cache keeps track of the session key information for each recipient tree, which is then used to encrypt the view messages.
This cache keeps track of the session key information for each recipient tree, which is then used to encrypt the view messages.
This cache may create interesting eviction strategies during a key roll of a recipient. Whether a key is considered revoked or not depends on the snapshot we're picking.
So, consider two concurrent transaction submissions:
- tx1 and tx2 pick a snapshot where the key is still valid
- tx3 and tx4 pick a snapshot where the key is invalid
However, due to concurrency, they interleave for the encrypted view message factory as tx1, tx3, tx2, tx4
- tx1 populates the cache for the recipients' tree with a new session key;
- tx3 notices that the key is no longer valid, produces a new session key and replaces the old one;
- tx2 finds the session key from tx3, but considers it invalid because the key is not active. So create a new session key and evict the old on;
- tx4 installs again a new session key
Since key rolls are rare and everything still remains consistent we accept this as an expected behavior.
- Attributes
- protected
- Definition Classes
- SessionKeyStoreWithInMemoryCache → ConfirmationRequestSessionKeyStore
- final def synchronized[T0](arg0: => T0): T0
- Definition Classes
- AnyRef
- def toString(): String
- Definition Classes
- AnyRef → Any
- final def wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException]) @native()
- final def wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])