public abstract class AesCbcHmacShaEncryptionProvider extends Object implements JWEEncryptionProvider
| Modifier and Type | Class and Description |
|---|---|
static class |
AesCbcHmacShaEncryptionProvider.Aes128CbcHmacSha256Provider |
static class |
AesCbcHmacShaEncryptionProvider.Aes192CbcHmacSha384Provider |
static class |
AesCbcHmacShaEncryptionProvider.Aes256CbcHmacSha512Provider |
| Constructor and Description |
|---|
AesCbcHmacShaEncryptionProvider() |
| Modifier and Type | Method and Description |
|---|---|
void |
deserializeCEK(JWEKeyStorage keyStorage)
This method is supposed to deserialize keys.
|
void |
encodeJwe(JWE jwe)
This method usually has 3 outputs:
- generated initialization vector
- encrypted content
- authenticationTag for MAC validation
It is supposed to call
JWE.setEncryptedContentInfo(byte[], byte[], byte[]) after it's finished |
protected abstract int |
getAuthenticationTagLength() |
protected abstract int |
getExpectedAesKeyLength() |
protected abstract String |
getHmacShaAlgorithm() |
byte[] |
serializeCEK(JWEKeyStorage keyStorage)
This method requires that decoded CEK keys are present in the keyStorage.decodedCEK map before it's called
|
void |
verifyAndDecodeJwe(JWE jwe)
This method is supposed to verify checksums and decrypt content.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitgetExpectedCEKLengthpublic void encodeJwe(JWE jwe) throws IOException, GeneralSecurityException
JWEEncryptionProviderJWE.setEncryptedContentInfo(byte[], byte[], byte[]) after it's finishedencodeJwe in interface JWEEncryptionProviderIOExceptionGeneralSecurityExceptionpublic void verifyAndDecodeJwe(JWE jwe) throws IOException, GeneralSecurityException
JWEEncryptionProviderJWE.content(byte[]) after it's finishedverifyAndDecodeJwe in interface JWEEncryptionProviderIOExceptionGeneralSecurityExceptionprotected abstract int getExpectedAesKeyLength()
protected abstract String getHmacShaAlgorithm()
protected abstract int getAuthenticationTagLength()
public void deserializeCEK(JWEKeyStorage keyStorage)
JWEEncryptionProviderJWEKeyStorage.getCekBytes() is set. After keys are deserialized,
this method needs to call JWEKeyStorage.setCEKKey(Key, JWEKeyStorage.KeyUse) according to all uses, which this encryption algorithm requires.deserializeCEK in interface JWEEncryptionProviderpublic byte[] serializeCEK(JWEKeyStorage keyStorage)
JWEEncryptionProviderserializeCEK in interface JWEEncryptionProviderCopyright © 2021 JBoss by Red Hat. All rights reserved.