public static class OctetKeyPair.Builder extends Object
Example usage:
OctetKeyPair key = new OctetKeyPair.Builder(Curve.Ed25519, x) .d(d) .algorithm(JWSAlgorithm.EdDSA) .keyID("1") .build();
Constructor and Description |
---|
Builder(Curve crv,
Base64URL x)
Creates a new Octet Key Pair JWK builder.
|
Builder(OctetKeyPair okpJWK)
Creates a new Octet Key Pair JWK builder.
|
Modifier and Type | Method and Description |
---|---|
OctetKeyPair.Builder |
algorithm(Algorithm alg)
Sets the intended JOSE algorithm (
alg ) for the JWK. |
OctetKeyPair |
build()
Builds a new Octet Key Pair JWK.
|
OctetKeyPair.Builder |
d(Base64URL d)
Sets the private 'd' parameter.
|
OctetKeyPair.Builder |
keyID(String kid)
Sets the ID (
kid ) of the JWK. |
OctetKeyPair.Builder |
keyIDFromThumbprint()
Sets the ID (
kid ) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). |
OctetKeyPair.Builder |
keyIDFromThumbprint(String hashAlg)
Sets the ID (
kid ) of the JWK to its JWK thumbprint
(RFC 7638). |
OctetKeyPair.Builder |
keyOperations(Set<KeyOperation> ops)
Sets the operations (
key_ops ) of the JWK. |
OctetKeyPair.Builder |
keyStore(KeyStore keyStore)
Sets the underlying key store.
|
OctetKeyPair.Builder |
keyUse(KeyUse use)
Sets the use (
use ) of the JWK. |
OctetKeyPair.Builder |
x509CertChain(List<Base64> x5c)
Sets the X.509 certificate chain (
x5c ) of the JWK. |
OctetKeyPair.Builder |
x509CertSHA256Thumbprint(Base64URL x5t256)
Sets the X.509 certificate SHA-256 thumbprint
(
x5t#S256 ) of the JWK. |
OctetKeyPair.Builder |
x509CertThumbprint(Base64URL x5t)
Deprecated.
|
OctetKeyPair.Builder |
x509CertURL(URI x5u)
Sets the X.509 certificate URL (
x5u ) of the JWK. |
public Builder(Curve crv, Base64URL x)
crv
- The cryptographic curve. Must not be
null
.x
- The public 'x' parameter. Must not be
null
.public Builder(OctetKeyPair okpJWK)
okpJWK
- The Octet Key Pair to start with. Must not be
null
.public OctetKeyPair.Builder d(Base64URL d)
d
- The private 'd' parameter, null
if not
specified (for a public key).public OctetKeyPair.Builder keyUse(KeyUse use)
use
) of the JWK.use
- The key use, null
if not specified or if
the key is intended for signing as well as
encryption.public OctetKeyPair.Builder keyOperations(Set<KeyOperation> ops)
key_ops
) of the JWK.ops
- The key operations, null
if not
specified.public OctetKeyPair.Builder algorithm(Algorithm alg)
alg
) for the JWK.alg
- The intended JOSE algorithm, null
if not
specified.public OctetKeyPair.Builder keyID(String kid)
kid
) of the JWK. The key ID can be used
to match a specific key. This can be used, for instance, to
choose a key within a JWKSet
during key rollover.
The key ID may also correspond to a JWS/JWE kid
header parameter value.kid
- The key ID, null
if not specified.public OctetKeyPair.Builder keyIDFromThumbprint() throws JOSEException
kid
) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). The key ID can be used to match a
specific key. This can be used, for instance, to choose a
key within a JWKSet
during key rollover. The key ID
may also correspond to a JWS/JWE kid
header
parameter value.JOSEException
- If the SHA-256 hash algorithm is not
supported.public OctetKeyPair.Builder keyIDFromThumbprint(String hashAlg) throws JOSEException
kid
) of the JWK to its JWK thumbprint
(RFC 7638). The key ID can be used to match a specific key.
This can be used, for instance, to choose a key within a
JWKSet
during key rollover. The key ID may also
correspond to a JWS/JWE kid
header parameter value.hashAlg
- The hash algorithm for the JWK thumbprint
computation. Must not be null
.JOSEException
- If the hash algorithm is not
supported.public OctetKeyPair.Builder x509CertURL(URI x5u)
x5u
) of the JWK.x5u
- The X.509 certificate URL, null
if not
specified.@Deprecated public OctetKeyPair.Builder x509CertThumbprint(Base64URL x5t)
x5t
) of
the JWK.x5t
- The X.509 certificate SHA-1 thumbprint,
null
if not specified.public OctetKeyPair.Builder x509CertSHA256Thumbprint(Base64URL x5t256)
x5t#S256
) of the JWK.x5t256
- The X.509 certificate SHA-256 thumbprint,
null
if not specified.public OctetKeyPair.Builder x509CertChain(List<Base64> x5c)
x5c
) of the JWK.x5c
- The X.509 certificate chain as a unmodifiable
list, null
if not specified.public OctetKeyPair.Builder keyStore(KeyStore keyStore)
keyStore
- Reference to the underlying key store,
null
if none.public OctetKeyPair build()
IllegalStateException
- If the JWK parameters were
inconsistently specified.Copyright © 2020 Connect2id Ltd.. All rights reserved.