BcFipsProviderCreator (ce-kafka-client-plugins 8.0.3-ce API)

java.lang.Object

io.confluent.kafka.security.fips.provider.BcFipsProviderCreator

All Implemented Interfaces:: org.apache.kafka.common.Configurable, org.apache.kafka.common.security.auth.SecurityProviderCreator

public class BcFipsProviderCreator extends Object implements org.apache.kafka.common.security.auth.SecurityProviderCreator

Constructor Summary

Constructors

Constructor

Description

BcFipsProviderCreator()
Method Summary

Modifier and Type

Method

Description

Provider

getProvider()

Create the security provider configured.

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.kafka.common.security.auth.SecurityProviderCreator
configure

Constructor Details
- BcFipsProviderCreator
  
  public BcFipsProviderCreator()
Method Details
- getProvider
  
  public Provider getProvider()
  
  Create the security provider configured. The constructor parameter is for configuring DRBG. The following comment is from BC FIPS user guide: In order to make the default DRBG suitable for key generation, the default DRBG is configured to be prediction resistant and this can strain the JVMs entropy source especially if hardware RNG is not available. In situations where the amount of entropy is constrained the default DRBG for the provider can be configured to use an DRBG chain based on a SHA-512 SP 800-90A DRBG as the internal DRBG providing a seed generation. To configure this use “C:HYBRID;ENABLE{All};” Note: this function returns a lazily created singleton instance of the Bouncy Castle FIPS provider.
  
  Specified by:
  
  getProvider in interface org.apache.kafka.common.security.auth.SecurityProviderCreator