org.xdi.oxauth.model.crypto.AbstractCryptoProvider の継承関係図

org.xdi.oxauth.model.crypto.AbstractCryptoProvider 連携図

公開メンバ関数
abstract JSONObject	generateKey (SignatureAlgorithm signatureAlgorithm, Long expirationTime) throws Exception

abstract String	sign (String signingInput, String keyId, String sharedSecret, SignatureAlgorithm signatureAlgorithm) throws Exception

abstract boolean	verifySignature (String signingInput, String encodedSignature, String keyId, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm) throws Exception

abstract boolean	deleteKey (String keyId) throws Exception

String	getKeyId (JSONWebKeySet jsonWebKeySet, SignatureAlgorithm signatureAlgorithm, Use use) throws Exception

JwksRequestParam	getJwksRequestParam (JSONObject jwkJsonObject) throws JSONException

PublicKey	getPublicKey (String alias, JSONObject jwks) throws Exception

静的公開メンバ関数
static JSONObject	generateJwks (int keyRegenerationInterval, int idTokenLifeTime, AppConfiguration configuration) throws Exception

限定公開メンバ関数
void	checkKeyExpiration (String alias, Long expirationTime)

静的限定公開変数類
static final Logger	LOG = Logger.getLogger(AbstractCryptoProvider.class)

詳解

著者: Javier Rojas Blum

バージョン: September 10, 2018

関数詳解

◆ checkKeyExpiration()

void org.xdi.oxauth.model.crypto.AbstractCryptoProvider.checkKeyExpiration	(	String	alias,
		Long	expirationTime
	)

inlineprotected

                                                                          {
         try {
             Date expirationDate = new Date(expirationTime);
             SimpleDateFormat ft = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
             Date today = new Date();
             long DateDiff = expirationTime - today.getTime();
             long expiresIn = DateDiff / (24 * 60 * 60 * 1000);
             if (expiresIn <= 0) {
                 LOG.warn("\nWARNING! Expired Key with alias: " + alias
                         + "\n\tExpires On: " + ft.format(expirationDate)
                         + "\n\tToday's Date: " + ft.format(today));
             } else if (expiresIn <= 100) {
                 LOG.warn("\nWARNING! Key with alias: " + alias
                         + "\n\tExpires In: " + expiresIn + " days"
                         + "\n\tExpires On: " + ft.format(expirationDate)
                         + "\n\tToday's Date: " + ft.format(today));
             }
         } catch (Exception e) {
             e.printStackTrace();
         }
     }

◆ deleteKey()

abstract boolean org.xdi.oxauth.model.crypto.AbstractCryptoProvider.deleteKey ( String keyId ) throws Exception

abstract

◆ generateJwks()

static JSONObject org.xdi.oxauth.model.crypto.AbstractCryptoProvider.generateJwks	(	int	keyRegenerationInterval,
		int	idTokenLifeTime,
		AppConfiguration	configuration
	)		throws Exception

inlinestatic

                                                                                                                                              {
         JSONArray keys = new JSONArray();
 
         GregorianCalendar expirationTime = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
         expirationTime.add(GregorianCalendar.HOUR, keyRegenerationInterval);
         expirationTime.add(GregorianCalendar.SECOND, idTokenLifeTime);
 
         AbstractCryptoProvider cryptoProvider = CryptoProviderFactory.getCryptoProvider(configuration);
 
         try {
             keys.put(cryptoProvider.generateKey(SignatureAlgorithm.RS256, expirationTime.getTimeInMillis()));
         } catch (Exception ex) {
         }
 
         try {
             keys.put(cryptoProvider.generateKey(SignatureAlgorithm.RS384, expirationTime.getTimeInMillis()));
         } catch (Exception ex) {
         }
 
         try {
             keys.put(cryptoProvider.generateKey(SignatureAlgorithm.RS512, expirationTime.getTimeInMillis()));
         } catch (Exception ex) {
         }
 
         try {
             keys.put(cryptoProvider.generateKey(SignatureAlgorithm.ES256, expirationTime.getTimeInMillis()));
         } catch (Exception ex) {
         }
 
         try {
             keys.put(cryptoProvider.generateKey(SignatureAlgorithm.ES384, expirationTime.getTimeInMillis()));
         } catch (Exception ex) {
         }
 
         try {
             keys.put(cryptoProvider.generateKey(SignatureAlgorithm.ES512, expirationTime.getTimeInMillis()));
         } catch (Exception ex) {
         }
 
         JSONObject jsonObject = new JSONObject();
         jsonObject.put(JSON_WEB_KEY_SET, keys);
 
         return jsonObject;
     }

◆ generateKey()

abstract JSONObject org.xdi.oxauth.model.crypto.AbstractCryptoProvider.generateKey	(	SignatureAlgorithm	signatureAlgorithm,
		Long	expirationTime
	)		throws Exception

abstract

◆ getJwksRequestParam()

JwksRequestParam org.xdi.oxauth.model.crypto.AbstractCryptoProvider.getJwksRequestParam ( JSONObject jwkJsonObject ) throws JSONException

inline

                                                                                                {
         JwksRequestParam jwks = new JwksRequestParam();
         jwks.setKeyRequestParams(new ArrayList<KeyRequestParam>());
 
         KeyRequestParam key = new KeyRequestParam();
         key.setAlg(jwkJsonObject.getString(ALGORITHM));
         key.setKid(jwkJsonObject.getString(KEY_ID));
         key.setUse(jwkJsonObject.getString(KEY_USE));
         key.setKty(jwkJsonObject.getString(KEY_TYPE));
 
         key.setN(jwkJsonObject.optString(MODULUS));
         key.setE(jwkJsonObject.optString(EXPONENT));
 
         key.setCrv(jwkJsonObject.optString(CURVE));
         key.setX(jwkJsonObject.optString(X));
         key.setY(jwkJsonObject.optString(Y));
 
         jwks.getKeyRequestParams().add(key);
 
         return jwks;
     }

◆ getKeyId()

String org.xdi.oxauth.model.crypto.AbstractCryptoProvider.getKeyId	(	JSONWebKeySet	jsonWebKeySet,
		SignatureAlgorithm	signatureAlgorithm,
		Use	use
	)		throws Exception

inline

                                                                                                                          {
         for (JSONWebKey key : jsonWebKeySet.getKeys()) {
             if (signatureAlgorithm == key.getAlg() && (use == null || use == key.getUse())) {
                 return key.getKid();
             }
         }
 
         return null;
     }

◆ getPublicKey()

PublicKey org.xdi.oxauth.model.crypto.AbstractCryptoProvider.getPublicKey	(	String	alias,
		JSONObject	jwks
	)		throws Exception

inline

                                                                                   {
         java.security.PublicKey publicKey = null;
 
         JSONArray webKeys = jwks.getJSONArray(JSON_WEB_KEY_SET);
         for (int i = 0; i < webKeys.length(); i++) {
             JSONObject key = webKeys.getJSONObject(i);
             if (alias.equals(key.getString(KEY_ID))) {
                 SignatureAlgorithmFamily family = null;
                 if (key.has(ALGORITHM)) {
                     SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.fromString(key.optString(ALGORITHM));
                     family = signatureAlgorithm.getFamily();
                 } else if (key.has(KEY_TYPE)) {
                     family = SignatureAlgorithmFamily.fromString(key.getString(KEY_TYPE));
                 }
 
                 if (SignatureAlgorithmFamily.RSA.equals(family)) {
                     publicKey = new RSAPublicKeyImpl(
                             new BigInteger(1, Base64Util.base64urldecode(key.getString(MODULUS))),
                             new BigInteger(1, Base64Util.base64urldecode(key.getString(EXPONENT))));
                 } else if (SignatureAlgorithmFamily.EC.equals(family)) {
                     ECEllipticCurve curve = ECEllipticCurve.fromString(key.optString(CURVE));
                     AlgorithmParameters parameters = AlgorithmParameters.getInstance(SignatureAlgorithmFamily.EC.toString());
                     parameters.init(new ECGenParameterSpec(curve.getAlias()));
                     ECParameterSpec ecParameters = parameters.getParameterSpec(ECParameterSpec.class);
 
                     publicKey = KeyFactory.getInstance(SignatureAlgorithmFamily.EC.toString()).generatePublic(new ECPublicKeySpec(
                             new ECPoint(
                                     new BigInteger(1, Base64Util.base64urldecode(key.getString(X))),
                                     new BigInteger(1, Base64Util.base64urldecode(key.getString(Y)))
                             ), ecParameters));
                 }
 
                 if (key.has(EXPIRATION_TIME)) {
                     checkKeyExpiration(alias, key.getLong(EXPIRATION_TIME));
                 }
             }
         }
 
         return publicKey;
     }

◆ sign()

abstract String org.xdi.oxauth.model.crypto.AbstractCryptoProvider.sign	(	String	signingInput,
		String	keyId,
		String	sharedSecret,
		SignatureAlgorithm	signatureAlgorithm
	)		throws Exception

abstract

◆ verifySignature()

abstract boolean org.xdi.oxauth.model.crypto.AbstractCryptoProvider.verifySignature	(	String	signingInput,
		String	encodedSignature,
		String	keyId,
		JSONObject	jwks,
		String	sharedSecret,
		SignatureAlgorithm	signatureAlgorithm
	)		throws Exception

abstract

メンバ詳解

◆ LOG

final Logger org.xdi.oxauth.model.crypto.AbstractCryptoProvider.LOG = Logger.getLogger(AbstractCryptoProvider.class)

staticprotected

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxAuth/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java

公開メンバ関数

静的公開メンバ関数

限定公開メンバ関数

静的限定公開変数類

詳解

関数詳解

◆ checkKeyExpiration()

◆ deleteKey()

◆ generateJwks()

◆ generateKey()

◆ getJwksRequestParam()

◆ getKeyId()

◆ getPublicKey()

◆ sign()

◆ verifySignature()

メンバ詳解

◆ LOG