org.keycloak.keys.GeneratedEcdsaKeyProviderFactory の継承関係図

org.keycloak.keys.GeneratedEcdsaKeyProviderFactory 連携図

公開メンバ関数
KeyProvider	create (KeycloakSession session, ComponentModel model)

boolean	createFallbackKeys (KeycloakSession session, KeyUse keyUse, String algorithm)

String	getHelpText ()

List< ProviderConfigProperty >	getConfigProperties ()

String	getId ()

void	validateConfiguration (KeycloakSession session, RealmModel realm, ComponentModel model) throws ComponentValidationException

静的公開メンバ関数
static final ProviderConfigurationBuilder	configurationBuilder ()

static KeyPair	generateEcdsaKeyPair (String keySpecName)

static String	convertECDomainParmNistRepToSecRep (String ecInNistRep)

static String	convertECDomainParmNistRepToAlgorithm (String ecInNistRep)

static String	convertAlgorithmToECDomainParmNistRep (String algorithm)

静的公開変数類
static final String	ID = "ecdsa-generated"

static final String	DEFAULT_ECDSA_ELLIPTIC_CURVE = "P-256"

静的限定公開変数類
static final String	ECDSA_PRIVATE_KEY_KEY = "ecdsaPrivateKey"

static final String	ECDSA_PUBLIC_KEY_KEY = "ecdsaPublicKey"

static final String	ECDSA_ELLIPTIC_CURVE_KEY = "ecdsaEllipticCurveKey"

static ProviderConfigProperty	ECDSA_ELLIPTIC_CURVE_PROPERTY

非公開メンバ関数
void	generateKeys (ComponentModel model, String ecInNistRep)

静的非公開変数類
static final Logger	logger = Logger.getLogger(GeneratedEcdsaKeyProviderFactory.class)

static final String	HELP_TEXT = "Generates ECDSA keys"

static final List< ProviderConfigProperty >	CONFIG_PROPERTIES

詳解

関数詳解

◆ configurationBuilder()

static final ProviderConfigurationBuilder org.keycloak.keys.AbstractEcdsaKeyProviderFactory.configurationBuilder ( )

inlinestaticinherited

                                                                             {
         return ProviderConfigurationBuilder.create()
                 .property(Attributes.PRIORITY_PROPERTY)
                 .property(Attributes.ENABLED_PROPERTY)
                 .property(Attributes.ACTIVE_PROPERTY);
     }

◆ convertAlgorithmToECDomainParmNistRep()

static String org.keycloak.keys.AbstractEcdsaKeyProviderFactory.convertAlgorithmToECDomainParmNistRep ( String algorithm )

inlinestaticinherited

                                                                                  {
         switch(algorithm) {
             case Algorithm.ES256 :
                 return "P-256";
             case Algorithm.ES384 :
                 return "P-384";
             case Algorithm.ES512 :
                 return "P-521";
             default :
                 return null;
         }
     }

◆ convertECDomainParmNistRepToAlgorithm()

static String org.keycloak.keys.AbstractEcdsaKeyProviderFactory.convertECDomainParmNistRepToAlgorithm ( String ecInNistRep )

inlinestaticinherited

                                                                                    {
         switch(ecInNistRep) {
             case "P-256" :
                 return Algorithm.ES256;
             case "P-384" :
                 return Algorithm.ES384;
             case "P-521" :
                 return Algorithm.ES512;
             default :
                 return null;
         }
     }

◆ convertECDomainParmNistRepToSecRep()

static String org.keycloak.keys.AbstractEcdsaKeyProviderFactory.convertECDomainParmNistRepToSecRep ( String ecInNistRep )

inlinestaticinherited

                                                                                 {
         // convert Elliptic Curve Domain Parameter Name in NIST to SEC which is used to generate its EC key
         String ecInSecRep = null;
         switch(ecInNistRep) {
             case "P-256" :
                 ecInSecRep = "secp256r1";
                 break;
             case "P-384" :
                 ecInSecRep = "secp384r1";
                 break;
             case "P-521" :
                 ecInSecRep = "secp521r1";
                 break;
             default :
                 // return null
         }
         return ecInSecRep;
     }

◆ create()

KeyProvider org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.create	(	KeycloakSession	session,
		ComponentModel	model
	)

inline

                                                                              {
         return new GeneratedEcdsaKeyProvider(session.getContext().getRealm(), model);
     }

◆ createFallbackKeys()

boolean org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.createFallbackKeys	(	KeycloakSession	session,
		KeyUse	keyUse,
		String	algorithm
	)

inline

                                                                                                 {
         if (keyUse.equals(KeyUse.SIG) && (algorithm.equals(Algorithm.ES256) || algorithm.equals(Algorithm.ES384) || algorithm.equals(Algorithm.ES512))) {
             RealmModel realm = session.getContext().getRealm();
 
             ComponentModel generated = new ComponentModel();
             generated.setName("fallback-" + algorithm);
             generated.setParentId(realm.getId());
             generated.setProviderId(ID);
             generated.setProviderType(KeyProvider.class.getName());
 
             MultivaluedHashMap<String, String> config = new MultivaluedHashMap<>();
             config.putSingle(Attributes.PRIORITY_KEY, "-100");
             config.putSingle(ECDSA_ELLIPTIC_CURVE_KEY, convertAlgorithmToECDomainParmNistRep(algorithm));
             generated.setConfig(config);
 
             realm.addComponentModel(generated);
 
             return true;
         } else {
             return false;
         }
     }

◆ generateEcdsaKeyPair()

static KeyPair org.keycloak.keys.AbstractEcdsaKeyProviderFactory.generateEcdsaKeyPair ( String keySpecName )

inlinestaticinherited

                                                                    {
         try {
             KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
             SecureRandom randomGen = SecureRandom.getInstance("SHA1PRNG");
             ECGenParameterSpec ecSpec = new ECGenParameterSpec(keySpecName);
             keyGen.initialize(ecSpec, randomGen);
             return keyGen.generateKeyPair();
         } catch (Exception e) {
             throw new RuntimeException(e);
         }
     }

◆ generateKeys()

void org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.generateKeys	(	ComponentModel	model,
		String	ecInNistRep
	)

inlineprivate

                                                                         {
         KeyPair keyPair;
         try {
             keyPair = generateEcdsaKeyPair(convertECDomainParmNistRepToSecRep(ecInNistRep));
             model.put(ECDSA_PRIVATE_KEY_KEY, Base64.encodeBytes(keyPair.getPrivate().getEncoded()));
             model.put(ECDSA_PUBLIC_KEY_KEY, Base64.encodeBytes(keyPair.getPublic().getEncoded()));
             model.put(ECDSA_ELLIPTIC_CURVE_KEY, ecInNistRep);
         } catch (Throwable t) {
             throw new ComponentValidationException("Failed to generate ECDSA keys", t);
         }
     }

◆ getConfigProperties()

List<ProviderConfigProperty> org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.getConfigProperties ( )

inline

                                                               {
         return CONFIG_PROPERTIES;
     }

◆ getHelpText()

String org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.getHelpText ( )

inline

                                 {
         return HELP_TEXT;
     }

◆ getId()

String org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.getId ( )

inline

                           {
         return ID;
     }

◆ validateConfiguration()

void org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.validateConfiguration	(	KeycloakSession	session,
		RealmModel	realm,
		ComponentModel	model
	)		throws ComponentValidationException

inline

                                                                                                                                            {
         super.validateConfiguration(session, realm, model);
 
         ConfigurationValidationHelper.check(model).checkList(ECDSA_ELLIPTIC_CURVE_PROPERTY, false);
 
         String ecInNistRep = model.get(ECDSA_ELLIPTIC_CURVE_KEY);
         if (ecInNistRep == null) ecInNistRep = DEFAULT_ECDSA_ELLIPTIC_CURVE;
 
         if (!(model.contains(ECDSA_PRIVATE_KEY_KEY) && model.contains(ECDSA_PUBLIC_KEY_KEY))) {
             generateKeys(model, ecInNistRep);
             logger.debugv("Generated keys for {0}", realm.getName());
         } else {
             String currentEc = model.get(ECDSA_ELLIPTIC_CURVE_KEY);
             if (!ecInNistRep.equals(currentEc)) {
                 generateKeys(model, ecInNistRep);
                 logger.debugv("Elliptic Curve changed, generating new keys for {0}", realm.getName());
             }
         }
     }

メンバ詳解

◆ CONFIG_PROPERTIES

final List<ProviderConfigProperty> org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.CONFIG_PROPERTIES

staticprivate

初期値:

= AbstractEcdsaKeyProviderFactory.configurationBuilder()
            .property(ECDSA_ELLIPTIC_CURVE_PROPERTY)
            .build()

◆ DEFAULT_ECDSA_ELLIPTIC_CURVE

final String org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.DEFAULT_ECDSA_ELLIPTIC_CURVE = "P-256"

static

◆ ECDSA_ELLIPTIC_CURVE_KEY

final String org.keycloak.keys.AbstractEcdsaKeyProviderFactory.ECDSA_ELLIPTIC_CURVE_KEY = "ecdsaEllipticCurveKey"

staticprotectedinherited

◆ ECDSA_ELLIPTIC_CURVE_PROPERTY

ProviderConfigProperty org.keycloak.keys.AbstractEcdsaKeyProviderFactory.ECDSA_ELLIPTIC_CURVE_PROPERTY

staticprotectedinherited

初期値:

= new ProviderConfigProperty(ECDSA_ELLIPTIC_CURVE_KEY, "Elliptic Curve", "Elliptic Curve used in ECDSA", LIST_TYPE,
            String.valueOf(GeneratedEcdsaKeyProviderFactory.DEFAULT_ECDSA_ELLIPTIC_CURVE),
            "P-256", "P-384", "P-521")

◆ ECDSA_PRIVATE_KEY_KEY

final String org.keycloak.keys.AbstractEcdsaKeyProviderFactory.ECDSA_PRIVATE_KEY_KEY = "ecdsaPrivateKey"

staticprotectedinherited

◆ ECDSA_PUBLIC_KEY_KEY

final String org.keycloak.keys.AbstractEcdsaKeyProviderFactory.ECDSA_PUBLIC_KEY_KEY = "ecdsaPublicKey"

staticprotectedinherited

◆ HELP_TEXT

final String org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.HELP_TEXT = "Generates ECDSA keys"

staticprivate

◆ ID

final String org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.ID = "ecdsa-generated"

static

◆ logger

final Logger org.keycloak.keys.GeneratedEcdsaKeyProviderFactory.logger = Logger.getLogger(GeneratedEcdsaKeyProviderFactory.class)

staticprivate

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/keys/GeneratedEcdsaKeyProviderFactory.java

公開メンバ関数

静的公開メンバ関数

静的公開変数類

静的限定公開変数類

非公開メンバ関数

静的非公開変数類

詳解

関数詳解

◆ configurationBuilder()

◆ convertAlgorithmToECDomainParmNistRep()

◆ convertECDomainParmNistRepToAlgorithm()

◆ convertECDomainParmNistRepToSecRep()

◆ create()

◆ createFallbackKeys()

◆ generateEcdsaKeyPair()

◆ generateKeys()

◆ getConfigProperties()

◆ getHelpText()

◆ getId()

◆ validateConfiguration()

メンバ詳解

◆ CONFIG_PROPERTIES

◆ DEFAULT_ECDSA_ELLIPTIC_CURVE

◆ ECDSA_ELLIPTIC_CURVE_KEY

◆ ECDSA_ELLIPTIC_CURVE_PROPERTY

◆ ECDSA_PRIVATE_KEY_KEY

◆ ECDSA_PUBLIC_KEY_KEY

◆ HELP_TEXT

◆ ID

◆ logger