Class AuthzClientCryptoProvider
java.lang.Object
org.keycloak.authorization.client.util.crypto.AuthzClientCryptoProvider
- All Implemented Interfaces:
CryptoProvider
Simple crypto provider to be used with the authz-client.
- Author:
- rmartinc
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptioncreateECParams(String curveName) Create the param spec for the EC curve<T> TgetAlgorithmProvider(Class<T> clazz, String algorithm) Get some algorithm provider implementation.Get CertificateUtils implementation.getCertStore(CollectionCertStoreParameters collectionCertStoreParameters) getKeyFactory(String algorithm) getKeyPairGen(String algorithm) <T> TgetOCSPProver(Class<T> clazz) Get PEMUtils implementation.getSecretKeyFact(String keyAlgorithm) getSignature(String sigAlgName) intorder()Order of this provider.wrapFactoryForTruststore(SSLSocketFactory delegate) Wrap given SSLSocketFactory and decorate it with some additional functionality.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.keycloak.common.crypto.CryptoProvider
getSupportedKeyStoreTypes, getSupportedRsaKeySizes
-
Constructor Details
-
AuthzClientCryptoProvider
public AuthzClientCryptoProvider()
-
-
Method Details
-
getBouncyCastleProvider
- Specified by:
getBouncyCastleProviderin interfaceCryptoProvider- Returns:
- BouncyCastle security provider. Can be either non-FIPS or FIPS based provider
-
order
public int order()Description copied from interface:CryptoProviderOrder of this provider. This allows to specify which CryptoProvider will have preference in case that more of them are on the classpath. The higher number has preference over the lower number- Specified by:
orderin interfaceCryptoProvider
-
getAlgorithmProvider
Description copied from interface:CryptoProviderGet some algorithm provider implementation. Returned implementation can be dependent according to if we have non-fips bouncycastle or fips bouncycastle on the classpath.- Specified by:
getAlgorithmProviderin interfaceCryptoProvider- Parameters:
clazz- Returned class.algorithm- Type of the algorithm, which we want to return- Returns:
-
getCertificateUtils
Description copied from interface:CryptoProviderGet CertificateUtils implementation. Returned implementation can be dependent according to if we have non-fips bouncycastle or fips bouncycastle on the classpath.- Specified by:
getCertificateUtilsin interfaceCryptoProvider- Returns:
-
getPemUtils
Description copied from interface:CryptoProviderGet PEMUtils implementation. Returned implementation can be dependent according to if we have non-fips bouncycastle or fips bouncycastle on the classpath.- Specified by:
getPemUtilsin interfaceCryptoProvider- Returns:
-
getOCSPProver
- Specified by:
getOCSPProverin interfaceCryptoProvider
-
getIdentityExtractorProvider
- Specified by:
getIdentityExtractorProviderin interfaceCryptoProvider
-
getEcdsaCryptoProvider
- Specified by:
getEcdsaCryptoProviderin interfaceCryptoProvider
-
createECParams
Description copied from interface:CryptoProviderCreate the param spec for the EC curve- Specified by:
createECParamsin interfaceCryptoProvider- Returns:
-
getKeyPairGen
public KeyPairGenerator getKeyPairGen(String algorithm) throws NoSuchAlgorithmException, NoSuchProviderException - Specified by:
getKeyPairGenin interfaceCryptoProvider- Throws:
NoSuchAlgorithmExceptionNoSuchProviderException
-
getKeyFactory
public KeyFactory getKeyFactory(String algorithm) throws NoSuchAlgorithmException, NoSuchProviderException - Specified by:
getKeyFactoryin interfaceCryptoProvider- Throws:
NoSuchAlgorithmExceptionNoSuchProviderException
-
getAesCbcCipher
public Cipher getAesCbcCipher() throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException- Specified by:
getAesCbcCipherin interfaceCryptoProvider- Throws:
NoSuchAlgorithmExceptionNoSuchProviderExceptionNoSuchPaddingException
-
getAesGcmCipher
public Cipher getAesGcmCipher() throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException- Specified by:
getAesGcmCipherin interfaceCryptoProvider- Throws:
NoSuchAlgorithmExceptionNoSuchProviderExceptionNoSuchPaddingException
-
getSecretKeyFact
public SecretKeyFactory getSecretKeyFact(String keyAlgorithm) throws NoSuchAlgorithmException, NoSuchProviderException - Specified by:
getSecretKeyFactin interfaceCryptoProvider- Throws:
NoSuchAlgorithmExceptionNoSuchProviderException
-
getKeyStore
public KeyStore getKeyStore(KeystoreUtil.KeystoreFormat format) throws KeyStoreException, NoSuchProviderException - Specified by:
getKeyStorein interfaceCryptoProvider- Throws:
KeyStoreExceptionNoSuchProviderException
-
getX509CertFactory
- Specified by:
getX509CertFactoryin interfaceCryptoProvider- Throws:
CertificateExceptionNoSuchProviderException
-
getCertStore
public CertStore getCertStore(CollectionCertStoreParameters collectionCertStoreParameters) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException - Specified by:
getCertStorein interfaceCryptoProvider- Throws:
InvalidAlgorithmParameterExceptionNoSuchAlgorithmExceptionNoSuchProviderException
-
getCertPathBuilder
public CertPathBuilder getCertPathBuilder() throws NoSuchAlgorithmException, NoSuchProviderException- Specified by:
getCertPathBuilderin interfaceCryptoProvider- Throws:
NoSuchAlgorithmExceptionNoSuchProviderException
-
getSignature
public Signature getSignature(String sigAlgName) throws NoSuchAlgorithmException, NoSuchProviderException - Specified by:
getSignaturein interfaceCryptoProvider- Throws:
NoSuchAlgorithmExceptionNoSuchProviderException
-
wrapFactoryForTruststore
Description copied from interface:CryptoProviderWrap given SSLSocketFactory and decorate it with some additional functionality. This method is used in the context of truststore (where Keycloak is SSL client)- Specified by:
wrapFactoryForTruststorein interfaceCryptoProvider- Parameters:
delegate- The original factory to wrap. Usually default java SSLSocketFactory- Returns:
- decorated factory
-