Package org.keycloak.jose.jwe.enc
Interface JWEEncryptionProvider
-
- All Known Implementing Classes:
AesCbcHmacShaEncryptionProvider
,AesCbcHmacShaEncryptionProvider.Aes128CbcHmacSha256Provider
,AesCbcHmacShaEncryptionProvider.Aes192CbcHmacSha384Provider
,AesCbcHmacShaEncryptionProvider.Aes256CbcHmacSha512Provider
,AesCbcHmacShaJWEEncryptionProvider
,AesGcmEncryptionProvider
,AesGcmJWEEncryptionProvider
public interface JWEEncryptionProvider
- Author:
- Marek Posolda
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
deserializeCEK(JWEKeyStorage keyStorage)
This method is supposed to deserialize keys.void
encodeJwe(JWE jwe)
This method usually has 3 outputs: - generated initialization vector - encrypted content - authenticationTag for MAC validation It is supposed to callJWE.setEncryptedContentInfo(byte[], byte[], byte[])
after it's finishedint
getExpectedCEKLength()
byte[]
serializeCEK(JWEKeyStorage keyStorage)
This method requires that decoded CEK keys are present in the keyStorage.decodedCEK map before it's calledvoid
verifyAndDecodeJwe(JWE jwe)
This method is supposed to verify checksums and decrypt content.
-
-
-
Method Detail
-
encodeJwe
void encodeJwe(JWE jwe) throws Exception
This method usually has 3 outputs: - generated initialization vector - encrypted content - authenticationTag for MAC validation It is supposed to callJWE.setEncryptedContentInfo(byte[], byte[], byte[])
after it's finished- Parameters:
jwe
-- Throws:
IOException
GeneralSecurityException
Exception
-
verifyAndDecodeJwe
void verifyAndDecodeJwe(JWE jwe) throws Exception
This method is supposed to verify checksums and decrypt content. Then it needs to callJWE.content(byte[])
after it's finished- Parameters:
jwe
-- Throws:
IOException
GeneralSecurityException
Exception
-
serializeCEK
byte[] serializeCEK(JWEKeyStorage keyStorage)
This method requires that decoded CEK keys are present in the keyStorage.decodedCEK map before it's called- Parameters:
keyStorage
-- Returns:
-
deserializeCEK
void deserializeCEK(JWEKeyStorage keyStorage)
This method is supposed to deserialize keys. It requires thatJWEKeyStorage.getCekBytes()
is set. After keys are deserialized, this method needs to callJWEKeyStorage.setCEKKey(Key, JWEKeyStorage.KeyUse)
according to all uses, which this encryption algorithm requires.- Parameters:
keyStorage
-
-
getExpectedCEKLength
int getExpectedCEKLength()
-
-