Package org.keycloak.jose.jwe.enc
Class AesGcmEncryptionProvider
- java.lang.Object
-
- org.keycloak.jose.jwe.enc.AesGcmEncryptionProvider
-
- All Implemented Interfaces:
JWEEncryptionProvider
- Direct Known Subclasses:
AesGcmJWEEncryptionProvider
public abstract class AesGcmEncryptionProvider extends Object implements JWEEncryptionProvider
-
-
Constructor Summary
Constructors Constructor Description AesGcmEncryptionProvider()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description voiddeserializeCEK(JWEKeyStorage keyStorage)This method is supposed to deserialize keys.voidencodeJwe(JWE jwe)This method usually has 3 outputs: - generated initialization vector - encrypted content - authenticationTag for MAC validation It is supposed to callJWE.setEncryptedContentInfo(byte[], byte[], byte[])after it's finishedprotected abstract intgetExpectedAesKeyLength()byte[]serializeCEK(JWEKeyStorage keyStorage)This method requires that decoded CEK keys are present in the keyStorage.decodedCEK map before it's calledvoidverifyAndDecodeJwe(JWE jwe)This method is supposed to verify checksums and decrypt content.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.jose.jwe.enc.JWEEncryptionProvider
getExpectedCEKLength
-
-
-
-
Method Detail
-
encodeJwe
public void encodeJwe(JWE jwe) throws Exception
Description copied from interface:JWEEncryptionProviderThis method usually has 3 outputs: - generated initialization vector - encrypted content - authenticationTag for MAC validation It is supposed to callJWE.setEncryptedContentInfo(byte[], byte[], byte[])after it's finished- Specified by:
encodeJwein interfaceJWEEncryptionProvider- Throws:
IOExceptionGeneralSecurityExceptionException
-
verifyAndDecodeJwe
public void verifyAndDecodeJwe(JWE jwe) throws Exception
Description copied from interface:JWEEncryptionProviderThis method is supposed to verify checksums and decrypt content. Then it needs to callJWE.content(byte[])after it's finished- Specified by:
verifyAndDecodeJwein interfaceJWEEncryptionProvider- Throws:
IOExceptionGeneralSecurityExceptionException
-
serializeCEK
public byte[] serializeCEK(JWEKeyStorage keyStorage)
Description copied from interface:JWEEncryptionProviderThis method requires that decoded CEK keys are present in the keyStorage.decodedCEK map before it's called- Specified by:
serializeCEKin interfaceJWEEncryptionProvider- Returns:
-
deserializeCEK
public void deserializeCEK(JWEKeyStorage keyStorage)
Description copied from interface:JWEEncryptionProviderThis method is supposed to deserialize keys. It requires thatJWEKeyStorage.getCekBytes()is set. After keys are deserialized, this method needs to callJWEKeyStorage.setCEKKey(Key, JWEKeyStorage.KeyUse)according to all uses, which this encryption algorithm requires.- Specified by:
deserializeCEKin interfaceJWEEncryptionProvider
-
getExpectedAesKeyLength
protected abstract int getExpectedAesKeyLength()
-
-