|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.nimbusds.jose.crypto.RSADecrypter
public class RSADecrypter
RSA decrypter of JWE objects
. This class
is thread-safe.
Supports the following JWE algorithms:
Supports the following encryption methods:
EncryptionMethod.A128CBC_HS256
EncryptionMethod.A256CBC_HS512
EncryptionMethod.A128GCM
EncryptionMethod.A256GCM
Accepts all reserved JWE header parameters
. Modify the header filter
properties to restrict the acceptable JWE algorithms,
encryption methods and header parameters, or to allow custom JWE header
parameters.
Field Summary | |
---|---|
static Set<JWEAlgorithm> |
SUPPORTED_ALGORITHMS
The supported JWE algorithms. |
static Set<EncryptionMethod> |
SUPPORTED_ENCRYPTION_METHODS
The supported encryption methods. |
Constructor Summary | |
---|---|
RSADecrypter(RSAPrivateKey privateKey)
Creates a new RSA decrypter. |
Method Summary | |
---|---|
protected static int |
cekBitLength(EncryptionMethod method)
Gets the Content Encryption Key (CEK) length for the specified encryption method. |
protected static int |
cikBitLength(EncryptionMethod method)
Gets the Content Integrity Key (CIK) length for the specified encryption method. |
protected static int |
cmkBitLength(EncryptionMethod method)
Gets the Content Master Key (CMK) length for the specified encryption method. |
byte[] |
decrypt(ReadOnlyJWEHeader readOnlyJWEHeader,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL integrityValue)
Decrypts the specified cipher text of a JWE Object . |
JWEHeaderFilter |
getJWEHeaderFilter()
Gets the JWE header filter associated with the decrypter. |
RSAPrivateKey |
getPrivateKey()
Gets the private RSA key. |
Set<JWEAlgorithm> |
supportedAlgorithms()
Returns the names of the supported JWE algorithms. |
Set<EncryptionMethod> |
supportedEncryptionMethods()
Returns the names of the supported encryption methods. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface com.nimbusds.jose.JWEAlgorithmProvider |
---|
supportedAlgorithms, supportedEncryptionMethods |
Field Detail |
---|
public static final Set<JWEAlgorithm> SUPPORTED_ALGORITHMS
public static final Set<EncryptionMethod> SUPPORTED_ENCRYPTION_METHODS
Constructor Detail |
---|
public RSADecrypter(RSAPrivateKey privateKey)
privateKey
- The private RSA key. Must not be null
.Method Detail |
---|
public RSAPrivateKey getPrivateKey()
public JWEHeaderFilter getJWEHeaderFilter()
JWEDecrypter
supported JWE
algorithms
and header parameters that the decrypter is configured to
accept.
Attempting to decrypt
a JWE object with an
algorithm or header parameter that is not accepted must result in a
JOSEException
.
getJWEHeaderFilter
in interface JWEDecrypter
public byte[] decrypt(ReadOnlyJWEHeader readOnlyJWEHeader, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL integrityValue) throws JOSEException
JWEDecrypter
JWE Object
.
decrypt
in interface JWEDecrypter
readOnlyJWEHeader
- The JSON Web Encryption (JWE) header. Must
specify an accepted JWE algorithm, must contain
only accepted header parameters, and must not
be null
.encryptedKey
- The encrypted key, null
if not required
by the JWE algorithm.iv
- The initialisation vector, null
if not
required by the JWE algorithm.cipherText
- The cipher text to decrypt. Must not be
null
.integrityValue
- The integrity value, null
if not
required by the JWE algorithm.
JOSEException
- If the JWE algorithm is not accepted, if a
header parameter is not accepted, or if
decryption failed for some other reason.protected static int cmkBitLength(EncryptionMethod method) throws JOSEException
method
- The encryption method. Must be supported by this RSA
provider. Must not be null
.
JOSEException
- If the encryption method is not supported.protected static int cekBitLength(EncryptionMethod method) throws JOSEException
method
- The encryption method. Must be supported by this RSA
provider and must employ CEKs. Must not be
null
.
JOSEException
- If the encryption method is not supported or
doesn't employ CEKs.protected static int cikBitLength(EncryptionMethod method) throws JOSEException
method
- The encryption method. Must be supported by this RSA
provider and must employ CIKs. Must not be
null
.
JOSEException
- If the encryption method is not supported or
doesn't employ CIKs.public Set<JWEAlgorithm> supportedAlgorithms()
JWEAlgorithmProvider
alg
JWE header parameter.
supportedAlgorithms
in interface JWEAlgorithmProvider
public Set<EncryptionMethod> supportedEncryptionMethods()
JWEAlgorithmProvider
enc
JWE header parameter.
supportedEncryptionMethods
in interface JWEAlgorithmProvider
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |