Package org.gluu.oxauth.model.crypto
Class OxAuthCryptoProvider
- java.lang.Object
-
- org.gluu.oxauth.model.crypto.AbstractCryptoProvider
-
- org.gluu.oxauth.model.crypto.OxAuthCryptoProvider
-
public class OxAuthCryptoProvider extends AbstractCryptoProvider
- Version:
- April 25, 2022
- Author:
- Javier Rojas Blum, Yuriy Movchan, Sergey Manoylo
-
-
Field Summary
Fields Modifier and Type Field Description protected static org.apache.log4j.LoggerLOG
-
Constructor Summary
Constructors Constructor Description OxAuthCryptoProvider()OxAuthCryptoProvider(java.lang.String keyStoreFile, java.lang.String keyStoreSecret, java.lang.String dnName)OxAuthCryptoProvider(java.lang.String keyStoreFile, java.lang.String keyStoreSecret, java.lang.String dnName, boolean rejectNoneAlg)OxAuthCryptoProvider(java.lang.String keyStoreFile, java.lang.String keyStoreSecret, java.lang.String dnName, boolean rejectNoneAlg, KeySelectionStrategy keySelectionStrategy)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static booleancheckExtension(java.lang.String extension, org.gluu.util.security.SecurityProviderUtility.SecurityModeType securityMode)Checks, if SecurityModeType value correspondent to the keystorage extension valuebooleancontainsKey(java.lang.String keyId)booleandeleteKey(java.lang.String alias)org.json.JSONObjectgenerateKey(Algorithm algorithm, java.lang.Long expirationTime, Use use)org.json.JSONObjectgenerateKey(Algorithm algorithm, java.lang.Long expirationTime, Use use, int keyLength)java.security.cert.X509CertificategenerateV3Certificate(java.security.KeyPair keyPair, java.lang.String issuer, java.lang.String signatureAlgorithm, java.lang.Long expirationTime)java.lang.StringgetAliasByAlgorithmForDeletion(Algorithm algorithm, java.lang.String newAlias, Use use)java.lang.StringgetDnName()java.lang.StringgetKeyId(JSONWebKeySet jsonWebKeySet, Algorithm algorithm, Use use)java.util.List<java.lang.String>getKeys()java.security.KeyStoregetKeyStore()java.lang.StringgetKeyStoreFile()java.lang.StringgetKeyStoreSecret()java.security.PrivateKeygetPrivateKey(java.lang.String alias)java.security.PublicKeygetPublicKey(java.lang.String alias)SignatureAlgorithmgetSignatureAlgorithm(java.lang.String alias)voidload(java.lang.String keyStoreSecret)java.lang.Stringsign(java.lang.String signingInput, java.lang.String alias, java.lang.String sharedSecret, SignatureAlgorithm signatureAlgorithm)booleanverifySignature(java.lang.String signingInput, java.lang.String encodedSignature, java.lang.String alias, org.json.JSONObject jwks, java.lang.String sharedSecret, SignatureAlgorithm signatureAlgorithm)-
Methods inherited from class org.gluu.oxauth.model.crypto.AbstractCryptoProvider
checkKeyExpiration, generateJwks, generateKey, getKeyRegenerationIntervalInDays, getPublicKey, setKeyRegenerationIntervalInDays
-
-
-
-
Constructor Detail
-
OxAuthCryptoProvider
public OxAuthCryptoProvider() throws java.lang.Exception- Throws:
java.lang.Exception
-
OxAuthCryptoProvider
public OxAuthCryptoProvider(java.lang.String keyStoreFile, java.lang.String keyStoreSecret, java.lang.String dnName) throws java.lang.Exception- Throws:
java.lang.Exception
-
OxAuthCryptoProvider
public OxAuthCryptoProvider(java.lang.String keyStoreFile, java.lang.String keyStoreSecret, java.lang.String dnName, boolean rejectNoneAlg) throws java.lang.Exception- Throws:
java.lang.Exception
-
OxAuthCryptoProvider
public OxAuthCryptoProvider(java.lang.String keyStoreFile, java.lang.String keyStoreSecret, java.lang.String dnName, boolean rejectNoneAlg, KeySelectionStrategy keySelectionStrategy) throws java.lang.Exception- Throws:
java.lang.Exception
-
-
Method Detail
-
load
public void load(java.lang.String keyStoreSecret)
-
getKeyStoreFile
public java.lang.String getKeyStoreFile()
-
getKeyStoreSecret
public java.lang.String getKeyStoreSecret()
-
getDnName
public java.lang.String getDnName()
-
generateKey
public org.json.JSONObject generateKey(Algorithm algorithm, java.lang.Long expirationTime, Use use) throws java.lang.Exception
- Specified by:
generateKeyin classAbstractCryptoProvider- Throws:
java.lang.Exception
-
generateKey
public org.json.JSONObject generateKey(Algorithm algorithm, java.lang.Long expirationTime, Use use, int keyLength) throws java.lang.Exception
- Specified by:
generateKeyin classAbstractCryptoProvider- Throws:
java.lang.Exception
-
getAliasByAlgorithmForDeletion
public java.lang.String getAliasByAlgorithmForDeletion(Algorithm algorithm, java.lang.String newAlias, Use use) throws java.security.KeyStoreException
- Throws:
java.security.KeyStoreException
-
containsKey
public boolean containsKey(java.lang.String keyId)
- Specified by:
containsKeyin classAbstractCryptoProvider
-
sign
public java.lang.String sign(java.lang.String signingInput, java.lang.String alias, java.lang.String sharedSecret, SignatureAlgorithm signatureAlgorithm) throws java.lang.Exception- Specified by:
signin classAbstractCryptoProvider- Throws:
java.lang.Exception
-
verifySignature
public boolean verifySignature(java.lang.String signingInput, java.lang.String encodedSignature, java.lang.String alias, org.json.JSONObject jwks, java.lang.String sharedSecret, SignatureAlgorithm signatureAlgorithm) throws java.lang.Exception- Specified by:
verifySignaturein classAbstractCryptoProvider- Throws:
java.lang.Exception
-
deleteKey
public boolean deleteKey(java.lang.String alias) throws java.lang.Exception- Specified by:
deleteKeyin classAbstractCryptoProvider- Throws:
java.lang.Exception
-
getPublicKey
public java.security.PublicKey getPublicKey(java.lang.String alias)
-
getKeyId
public java.lang.String getKeyId(JSONWebKeySet jsonWebKeySet, Algorithm algorithm, Use use) throws java.lang.Exception
- Overrides:
getKeyIdin classAbstractCryptoProvider- Throws:
java.lang.Exception
-
getPrivateKey
public java.security.PrivateKey getPrivateKey(java.lang.String alias) throws java.security.UnrecoverableKeyException, java.security.NoSuchAlgorithmException, java.security.KeyStoreException- Specified by:
getPrivateKeyin classAbstractCryptoProvider- Throws:
java.security.UnrecoverableKeyExceptionjava.security.NoSuchAlgorithmExceptionjava.security.KeyStoreException
-
generateV3Certificate
public java.security.cert.X509Certificate generateV3Certificate(java.security.KeyPair keyPair, java.lang.String issuer, java.lang.String signatureAlgorithm, java.lang.Long expirationTime) throws org.bouncycastle.cert.CertIOException, org.bouncycastle.operator.OperatorCreationException, java.security.cert.CertificateException- Throws:
org.bouncycastle.cert.CertIOExceptionorg.bouncycastle.operator.OperatorCreationExceptionjava.security.cert.CertificateException
-
getKeys
public java.util.List<java.lang.String> getKeys()
- Overrides:
getKeysin classAbstractCryptoProvider
-
getSignatureAlgorithm
public SignatureAlgorithm getSignatureAlgorithm(java.lang.String alias) throws java.security.KeyStoreException
- Throws:
java.security.KeyStoreException
-
getKeyStore
public java.security.KeyStore getKeyStore()
-
checkExtension
public static boolean checkExtension(java.lang.String extension, org.gluu.util.security.SecurityProviderUtility.SecurityModeType securityMode)Checks, if SecurityModeType value correspondent to the keystorage extension value- Parameters:
extension- extension valuesecurityMode- SecurityModeType value- Returns:
- boolean result
-
-