Package org.keycloak.jose.jwe.enc
Class AesGcmEncryptionProvider
- java.lang.Object
-
- org.keycloak.jose.jwe.enc.AesGcmEncryptionProvider
-
- All Implemented Interfaces:
JWEEncryptionProvider
- Direct Known Subclasses:
AesGcmJWEEncryptionProvider
public abstract class AesGcmEncryptionProvider extends Object implements JWEEncryptionProvider
-
-
Constructor Summary
Constructors Constructor Description AesGcmEncryptionProvider()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description void
deserializeCEK(JWEKeyStorage keyStorage)
This method is supposed to deserialize keys.void
encodeJwe(JWE jwe)
This method usually has 3 outputs: - generated initialization vector - encrypted content - authenticationTag for MAC validation It is supposed to callJWE.setEncryptedContentInfo(byte[], byte[], byte[])
after it's finishedprotected abstract int
getExpectedAesKeyLength()
byte[]
serializeCEK(JWEKeyStorage keyStorage)
This method requires that decoded CEK keys are present in the keyStorage.decodedCEK map before it's calledvoid
verifyAndDecodeJwe(JWE jwe)
This method is supposed to verify checksums and decrypt content.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.jose.jwe.enc.JWEEncryptionProvider
getExpectedCEKLength
-
-
-
-
Method Detail
-
encodeJwe
public void encodeJwe(JWE jwe) throws Exception
Description copied from interface:JWEEncryptionProvider
This method usually has 3 outputs: - generated initialization vector - encrypted content - authenticationTag for MAC validation It is supposed to callJWE.setEncryptedContentInfo(byte[], byte[], byte[])
after it's finished- Specified by:
encodeJwe
in interfaceJWEEncryptionProvider
- Throws:
IOException
GeneralSecurityException
Exception
-
verifyAndDecodeJwe
public void verifyAndDecodeJwe(JWE jwe) throws Exception
Description copied from interface:JWEEncryptionProvider
This method is supposed to verify checksums and decrypt content. Then it needs to callJWE.content(byte[])
after it's finished- Specified by:
verifyAndDecodeJwe
in interfaceJWEEncryptionProvider
- Throws:
IOException
GeneralSecurityException
Exception
-
serializeCEK
public byte[] serializeCEK(JWEKeyStorage keyStorage)
Description copied from interface:JWEEncryptionProvider
This method requires that decoded CEK keys are present in the keyStorage.decodedCEK map before it's called- Specified by:
serializeCEK
in interfaceJWEEncryptionProvider
- Returns:
-
deserializeCEK
public void deserializeCEK(JWEKeyStorage keyStorage)
Description copied from interface:JWEEncryptionProvider
This method is supposed to deserialize keys. It requires thatJWEKeyStorage.getCekBytes()
is set. After keys are deserialized, this method needs to callJWEKeyStorage.setCEKKey(Key, JWEKeyStorage.KeyUse)
according to all uses, which this encryption algorithm requires.- Specified by:
deserializeCEK
in interfaceJWEEncryptionProvider
-
getExpectedAesKeyLength
protected abstract int getExpectedAesKeyLength()
-
-