@Immutable public class OctetKeyPair extends JWK implements AsymmetricJWK, CurveBasedJWK
Octet key pair
JSON Web Key (JWK), used to represent
Edwards-curve keys. This class is immutable.
Supported curves:
Example JSON object representation of a public OKP JWK:
{ "kty" : "OKP", "crv" : "Ed25519", "x" : "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo", "use" : "sig", "kid" : "1" }
Example JSON object representation of a private OKP JWK:
{ "kty" : "OKP", "crv" : "Ed25519", "x" : "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo", "d" : "nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A", "use" : "sig", "kid" : "1" }
Use the builder to create a new OKP JWK:
OctetKeyPair key = new OctetKeyPair.Builder(Curve.Ed25519, x) .keyUse(KeyUse.SIGNATURE) .keyID("1") .build();
Modifier and Type | Class and Description |
---|---|
static class |
OctetKeyPair.Builder
Builder for constructing Octet Key Pair JWKs.
|
Modifier and Type | Field and Description |
---|---|
static Set<Curve> |
SUPPORTED_CURVES
Supported Edwards curves.
|
Constructor and Description |
---|
OctetKeyPair(Curve crv,
Base64URL x,
Base64URL d,
KeyUse use,
Set<KeyOperation> ops,
Algorithm alg,
String kid,
URI x5u,
Base64URL x5t,
Base64URL x5t256,
List<Base64> x5c,
KeyStore ks)
Creates a new public / private Octet Key Pair JSON Web Key (JWK)
with the specified parameters.
|
OctetKeyPair(Curve crv,
Base64URL x,
KeyUse use,
Set<KeyOperation> ops,
Algorithm alg,
String kid,
URI x5u,
Base64URL x5t,
Base64URL x5t256,
List<Base64> x5c,
KeyStore ks)
Creates a new public Octet Key Pair JSON Web Key (JWK) with the
specified parameters.
|
Modifier and Type | Method and Description |
---|---|
boolean |
equals(Object o) |
Curve |
getCurve()
Returns the cryptographic curve.
|
Base64URL |
getD()
Gets the private 'd' parameter.
|
byte[] |
getDecodedD()
Gets the private 'd' parameter, decoded from Base64.
|
byte[] |
getDecodedX()
Gets the public 'x' parameter, decoded from Base64.
|
LinkedHashMap<String,?> |
getRequiredParams()
Returns the required JWK parameters.
|
Base64URL |
getX()
Gets the public 'x' parameter.
|
int |
hashCode() |
boolean |
isPrivate()
Returns
true if this JWK contains private or sensitive
(non-public) parameters. |
boolean |
matches(X509Certificate cert)
Returns
true if the public key material of this JWK matches
the public subject key info of the specified X.509 certificate. |
static OctetKeyPair |
parse(net.minidev.json.JSONObject jsonObject)
Parses a public / private Octet Key Pair JWK from the specified JSON
object representation.
|
static OctetKeyPair |
parse(String s)
Parses a public / private Octet Key Pair JWK from the specified JSON
object string representation.
|
int |
size()
Returns the size of this JWK.
|
net.minidev.json.JSONObject |
toJSONObject()
Returns a JSON object representation of this JWK.
|
KeyPair |
toKeyPair()
Returns a Java key pair representation of this JWK.
|
PrivateKey |
toPrivateKey()
Returns a Java private key representation of this JWK.
|
OctetKeyPair |
toPublicJWK()
Returns a copy of this Octet Key Pair JWK with any private values
removed.
|
PublicKey |
toPublicKey()
Returns a Java public key representation of the JWK.
|
computeThumbprint, computeThumbprint, getAlgorithm, getKeyID, getKeyOperations, getKeyStore, getKeyType, getKeyUse, getParsedX509CertChain, getX509CertChain, getX509CertSHA256Thumbprint, getX509CertThumbprint, getX509CertURL, load, parse, parseFromPEMEncodedObjects, parseFromPEMEncodedX509Cert, toJSONString, toString
public static final Set<Curve> SUPPORTED_CURVES
public OctetKeyPair(Curve crv, Base64URL x, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, Base64URL x5t256, List<Base64> x5c, KeyStore ks)
crv
- The cryptographic curve. Must not be null
.x
- The public 'x' parameter. Must not be null
.use
- The key use, null
if not specified or if the
key is intended for signing as well as encryption.ops
- The key operations, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if not specified.kid
- The key ID, null
if not specified.x5u
- The X.509 certificate URL, null
if not
specified.x5t
- The X.509 certificate SHA-1 thumbprint, null
if not specified.x5t256
- The X.509 certificate SHA-256 thumbprint, null
if not specified.x5c
- The X.509 certificate chain, null
if not
specified.ks
- Reference to the underlying key store, null
if
not specified.public OctetKeyPair(Curve crv, Base64URL x, Base64URL d, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, Base64URL x5t256, List<Base64> x5c, KeyStore ks)
crv
- The cryptographic curve. Must not be null
.x
- The public 'x' parameter. Must not be null
.d
- The private 'd' parameter. Must not be null
.use
- The key use, null
if not specified or if the
key is intended for signing as well as encryption.ops
- The key operations, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if not specified.kid
- The key ID, null
if not specified.x5u
- The X.509 certificate URL, null
if not
specified.x5t
- The X.509 certificate SHA-1 thumbprint, null
if not specified.x5t256
- The X.509 certificate SHA-256 thumbprint, null
if not specified.x5c
- The X.509 certificate chain, null
if not
specified.ks
- Reference to the underlying key store, null
if
not specified.public Curve getCurve()
CurveBasedJWK
getCurve
in interface CurveBasedJWK
public byte[] getDecodedX()
public Base64URL getD()
null
if not specified
(for a public key).public byte[] getDecodedD()
null
if not specified
(for a public key).public PublicKey toPublicKey() throws JOSEException
AsymmetricJWK
toPublicKey
in interface AsymmetricJWK
JOSEException
- If conversion failed or is not supported.public PrivateKey toPrivateKey() throws JOSEException
AsymmetricJWK
toPrivateKey
in interface AsymmetricJWK
null
if not specified.JOSEException
- If conversion failed or is not supported.public KeyPair toKeyPair() throws JOSEException
AsymmetricJWK
toKeyPair
in interface AsymmetricJWK
null
if
not specified.JOSEException
- If conversion failed or is not supported.public boolean matches(X509Certificate cert)
AsymmetricJWK
true
if the public key material of this JWK matches
the public subject key info of the specified X.509 certificate.matches
in interface AsymmetricJWK
cert
- The X.509 certificate. Must not be null
.true
if the public key material of this JWK matches
the public subject key info of the specified X.509
certificate, else false
.public LinkedHashMap<String,?> getRequiredParams()
JWK
getRequiredParams
in class JWK
public boolean isPrivate()
JWK
true
if this JWK contains private or sensitive
(non-public) parameters.public OctetKeyPair toPublicJWK()
toPublicJWK
in class JWK
public net.minidev.json.JSONObject toJSONObject()
JWK
Example:
{ "kty" : "RSA", "use" : "sig", "kid" : "fd28e025-8d24-48bc-a51a-e2ffc8bc274b" }
toJSONObject
in class JWK
public static OctetKeyPair parse(String s) throws ParseException
s
- The JSON object string to parse. Must not be null
.ParseException
- If the string couldn't be parsed to an Octet
Key Pair JWK.public static OctetKeyPair parse(net.minidev.json.JSONObject jsonObject) throws ParseException
jsonObject
- The JSON object to parse. Must not be
null
.ParseException
- If the JSON object couldn't be parsed to an
Octet Key Pair JWK.Copyright © 2019 Connect2id Ltd.. All rights reserved.