public abstract class JWKGenerator<T extends JWK> extends Object
Modifier and Type | Field and Description |
---|---|
protected Algorithm |
alg
The intended JOSE algorithm for the key, optional.
|
protected KeyStore |
keyStore
Reference to the underlying key store,
null if none. |
protected String |
kid
The key ID, optional.
|
protected Set<KeyOperation> |
ops
The key operations, optional.
|
protected KeyUse |
use
The key use, optional.
|
protected boolean |
x5tKid
If
true sets the ID of the JWK to the SHA-256 thumbprint of
the JWK. |
Constructor and Description |
---|
JWKGenerator() |
Modifier and Type | Method and Description |
---|---|
JWKGenerator<T> |
algorithm(Algorithm alg)
Sets the intended JOSE algorithm (
alg ) for the JWK. |
abstract T |
generate()
Generates the JWK according to the set parameters.
|
JWKGenerator<T> |
keyID(String kid)
Sets the ID (
kid ) of the JWK. |
JWKGenerator<T> |
keyIDFromThumbprint(boolean x5tKid)
Sets the ID (
kid ) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). |
JWKGenerator<T> |
keyOperations(Set<KeyOperation> ops)
Sets the operations (
key_ops ) of the JWK. |
JWKGenerator<T> |
keyStore(KeyStore keyStore)
Sets the underlying key store.
|
JWKGenerator<T> |
keyUse(KeyUse use)
Sets the use (
use ) of the JWK. |
protected Set<KeyOperation> ops
protected boolean x5tKid
true
sets the ID of the JWK to the SHA-256 thumbprint of
the JWK.public JWKGenerator()
public JWKGenerator<T> keyUse(KeyUse use)
use
) of the JWK.use
- The key use, null
if not specified or if
the key is intended for signing as well as
encryption.public JWKGenerator<T> keyOperations(Set<KeyOperation> ops)
key_ops
) of the JWK.ops
- The key operations, null
if not
specified.public JWKGenerator<T> algorithm(Algorithm alg)
alg
) for the JWK.alg
- The intended JOSE algorithm, null
if not
specified.public JWKGenerator<T> keyID(String kid)
kid
) of the JWK. The key ID can be used
to match a specific key. This can be used, for instance, to
choose a key within a JWKSet
during key rollover.
The key ID may also correspond to a JWS/JWE kid
header parameter value.kid
- The key ID, null
if not specified.public JWKGenerator<T> keyIDFromThumbprint(boolean x5tKid)
kid
) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). The key ID can be used to match a
specific key. This can be used, for instance, to choose a
key within a JWKSet
during key rollover. The key ID
may also correspond to a JWS/JWE kid
header
parameter value.x5tKid
- If true
sets the ID of the JWK to the SHA-256
JWK thumbprint.public JWKGenerator<T> keyStore(KeyStore keyStore)
keyStore
- Reference to the underlying key store,
null
if none.public abstract T generate() throws JOSEException
JOSEException
- If the key generation failed.Copyright © 2018 Connect2id Ltd.. All rights reserved.