Package io.jans.as.model.crypto

Class AuthCryptoProvider

java.lang.Object

io.jans.as.model.crypto.AbstractCryptoProvider

io.jans.as.model.crypto.AuthCryptoProvider

public class AuthCryptoProvider
extends AbstractCryptoProvider

Version:

November 22, 2021

Author:

Javier Rojas Blum, Yuriy Movchan, Sergey Manoylo

Field Summary

Fields

Modifier and Type	Field	Description
protected static org.apache.log4j.Logger	LOG

Constructor Summary

Constructors

Constructor	Description
AuthCryptoProvider()
AuthCryptoProvider(String keyStoreFile, String keyStoreSecret, String dnName)
AuthCryptoProvider(String keyStoreFile, String keyStoreSecret, String dnName, boolean rejectNoneAlg)
AuthCryptoProvider(String keyStoreFile, String keyStoreSecret, String dnName, boolean rejectNoneAlg, KeySelectionStrategy keySelectionStrategy)

Method Summary

Modifier and Type	Method	Description
boolean	containsKey(String keyId)
boolean	deleteKey(String alias)
org.json.JSONObject	generateKey(Algorithm algorithm, Long expirationTime)
org.json.JSONObject	generateKey(Algorithm algorithm, Long expirationTime, int keyLength)
org.json.JSONObject	generateKey(Algorithm algorithm, Long expirationTime, int keyLength, KeyOpsType keyOpsType)
X509Certificate	generateV3Certificate(KeyPair keyPair, String issuer, String signatureAlgorithm, Long expirationTime)
String	getAliasByAlgorithmForDeletion(Algorithm algorithm, String newAlias, KeyOpsType keyOpsType)
String	getDnName()
String	getKeyId(JSONWebKeySet jsonWebKeySet, Algorithm algorithm, Use use, KeyOpsType keyOpsType)
List<String>	getKeys()
KeyStore	getKeyStore()
String	getKeyStoreFile()
String	getKeyStoreSecret()
PrivateKey	getPrivateKey(String alias)
PublicKey	getPublicKey(String alias)
SignatureAlgorithm	getSignatureAlgorithm(String alias)
void	load()
String	sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
boolean	verifySignature(String signingInput, String encodedSignature, String alias, org.json.JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)

Methods inherited from class io.jans.as.model.crypto.AbstractCryptoProvider

checkKeyExpiration, generateJwks, getJwksRequestParam, getKeyRegenerationIntervalInDays, getPublicKey, setKeyRegenerationIntervalInDays

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOG

protected static final org.apache.log4j.Logger LOG

Constructor Detail

AuthCryptoProvider

public AuthCryptoProvider()
                   throws KeyStoreException

Throws:

KeyStoreException

AuthCryptoProvider

public AuthCryptoProvider(String keyStoreFile,
                          String keyStoreSecret,
                          String dnName)
                   throws KeyStoreException

Throws:

KeyStoreException

AuthCryptoProvider

public AuthCryptoProvider(String keyStoreFile,
                          String keyStoreSecret,
                          String dnName,
                          boolean rejectNoneAlg)
                   throws KeyStoreException

Throws:

KeyStoreException

AuthCryptoProvider

public AuthCryptoProvider(String keyStoreFile,
                          String keyStoreSecret,
                          String dnName,
                          boolean rejectNoneAlg,
                          KeySelectionStrategy keySelectionStrategy)
                   throws KeyStoreException

Throws:

KeyStoreException

Method Detail

load

public void load()
          throws IOException,
                 NoSuchAlgorithmException,
                 CertificateException

Throws:

IOException

NoSuchAlgorithmException

CertificateException

getKeyStoreFile

public String getKeyStoreFile()

getKeyStoreSecret

public String getKeyStoreSecret()

getDnName

public String getDnName()

generateKey

public org.json.JSONObject generateKey(Algorithm algorithm,
                                       Long expirationTime)
                                throws CryptoProviderException

Specified by:

generateKey in class AbstractCryptoProvider

Throws:

CryptoProviderException

generateKey

public org.json.JSONObject generateKey(Algorithm algorithm,
                                       Long expirationTime,
                                       int keyLength,
                                       KeyOpsType keyOpsType)
                                throws CryptoProviderException

Specified by:

generateKey in class AbstractCryptoProvider

Throws:

CryptoProviderException

generateKey

public org.json.JSONObject generateKey(Algorithm algorithm,
                                       Long expirationTime,
                                       int keyLength)
                                throws CryptoProviderException

Specified by:

generateKey in class AbstractCryptoProvider

Throws:

CryptoProviderException

getAliasByAlgorithmForDeletion

public String getAliasByAlgorithmForDeletion(Algorithm algorithm,
                                             String newAlias,
                                             KeyOpsType keyOpsType)
                                      throws KeyStoreException

Throws:

KeyStoreException

containsKey

public boolean containsKey(String keyId)

Specified by:

containsKey in class AbstractCryptoProvider

sign

public String sign(String signingInput,
                   String alias,
                   String sharedSecret,
                   SignatureAlgorithm signatureAlgorithm)
            throws CryptoProviderException

Specified by:

sign in class AbstractCryptoProvider

Throws:

CryptoProviderException

verifySignature

public boolean verifySignature(String signingInput,
                               String encodedSignature,
                               String alias,
                               org.json.JSONObject jwks,
                               String sharedSecret,
                               SignatureAlgorithm signatureAlgorithm)
                        throws CryptoProviderException

Specified by:

verifySignature in class AbstractCryptoProvider

Throws:

CryptoProviderException

deleteKey

public boolean deleteKey(String alias)
                  throws CryptoProviderException

Specified by:

deleteKey in class AbstractCryptoProvider

Throws:

CryptoProviderException

getPublicKey

public PublicKey getPublicKey(String alias)
                       throws CryptoProviderException

Specified by:

getPublicKey in class AbstractCryptoProvider

Throws:

CryptoProviderException

getKeyId

public String getKeyId(JSONWebKeySet jsonWebKeySet,
                       Algorithm algorithm,
                       Use use,
                       KeyOpsType keyOpsType)
                throws CryptoProviderException

Overrides:

getKeyId in class AbstractCryptoProvider

Throws:

CryptoProviderException

getPrivateKey

public PrivateKey getPrivateKey(String alias)
                         throws CryptoProviderException

Specified by:

getPrivateKey in class AbstractCryptoProvider

Throws:

CryptoProviderException

generateV3Certificate

public X509Certificate generateV3Certificate(KeyPair keyPair,
                                             String issuer,
                                             String signatureAlgorithm,
                                             Long expirationTime)
                                      throws org.bouncycastle.cert.CertIOException,
                                             org.bouncycastle.operator.OperatorCreationException,
                                             CertificateException

Throws:

org.bouncycastle.cert.CertIOException

org.bouncycastle.operator.OperatorCreationException

CertificateException

getKeys

public List<String> getKeys()

Overrides:

getKeys in class AbstractCryptoProvider

getSignatureAlgorithm

public SignatureAlgorithm getSignatureAlgorithm(String alias)
                                         throws KeyStoreException

Throws:

KeyStoreException

getKeyStore

public KeyStore getKeyStore()