| Package | Description |
|---|---|
| com.nimbusds.jose |
Javascript Object Signing and Encryption (JOSE) classes.
|
| com.nimbusds.jose.crypto |
Implementations of all standard Javascript Object Signing and Encryption
(JOSE) algorithms.
|
| com.nimbusds.jose.crypto.factories |
JWS verifier and JWE decrypter factories for use by the JOSE / JWT processor
framework.
|
| com.nimbusds.jose.crypto.impl |
Cryptographic primitives and framework for the JWS signers / verifiers and
JWE encrypters / decrypters in the
com.nimbusds.jose.crypto package. |
| com.nimbusds.jose.jwk |
JSON Web Key (JWK) classes.
|
| com.nimbusds.jose.jwk.gen |
Key generation utilities.
|
| com.nimbusds.jose.proc |
Secure framework for application-specific verification and decryption of
JOSE objects (with arbitrary payloads).
|
| com.nimbusds.jose.util |
Utility interfaces and classes.
|
| com.nimbusds.jwt.proc |
Secure framework for application-specific verification and decryption of
JSON Web Tokens (JWTs).
|
| Modifier and Type | Class and Description |
|---|---|
class |
KeyException
Key exception.
|
class |
KeyLengthException
Key length exception.
|
class |
KeySourceException
Key source exception.
|
class |
KeyTypeException
Key type exception.
|
class |
RemoteKeySourceException
Remote key source exception.
|
| Modifier and Type | Method and Description |
|---|---|
void |
JWEObject.decrypt(JWEDecrypter decrypter)
Decrypts this JWE object with the specified decrypter.
|
byte[] |
JWEDecrypter.decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag)
Decrypts the specified cipher text of a
JWE Object. |
void |
JWEObject.encrypt(JWEEncrypter encrypter)
Encrypts this JWE object with the specified encrypter.
|
JWECryptoParts |
JWEEncrypter.encrypt(JWEHeader header,
byte[] clearText)
Encrypts the specified clear text of a
JWE object. |
Base64URL |
JWSSigner.sign(JWSHeader header,
byte[] signingInput)
Signs the specified
input of a
JWS object. |
void |
JWSObject.sign(JWSSigner signer)
Signs this JWS object with the specified signer.
|
boolean |
JWSVerifier.verify(JWSHeader header,
byte[] signingInput,
Base64URL signature)
Verifies the specified
signature of a
JWS object. |
boolean |
JWSObject.verify(JWSVerifier verifier)
Checks the signature of this JWS object with the specified verifier.
|
| Modifier and Type | Method and Description |
|---|---|
byte[] |
PasswordBasedDecrypter.decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag) |
byte[] |
AESDecrypter.decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag) |
byte[] |
ECDHDecrypter.decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag) |
byte[] |
X25519Decrypter.decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag) |
byte[] |
RSADecrypter.decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag) |
byte[] |
DirectDecrypter.decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag) |
JWECryptoParts |
RSAEncrypter.encrypt(JWEHeader header,
byte[] clearText) |
JWECryptoParts |
AESEncrypter.encrypt(JWEHeader header,
byte[] clearText) |
JWECryptoParts |
DirectEncrypter.encrypt(JWEHeader header,
byte[] clearText) |
JWECryptoParts |
ECDHEncrypter.encrypt(JWEHeader header,
byte[] clearText) |
JWECryptoParts |
PasswordBasedEncrypter.encrypt(JWEHeader header,
byte[] clearText) |
JWECryptoParts |
X25519Encrypter.encrypt(JWEHeader header,
byte[] clearText) |
static int |
MACSigner.getMinRequiredSecretLength(JWSAlgorithm alg)
Returns the minimal required secret length for the specified HMAC
JWS algorithm.
|
Base64URL |
MACSigner.sign(JWSHeader header,
byte[] signingInput) |
Base64URL |
RSASSASigner.sign(JWSHeader header,
byte[] signingInput) |
Base64URL |
Ed25519Signer.sign(JWSHeader header,
byte[] signingInput) |
Base64URL |
ECDSASigner.sign(JWSHeader header,
byte[] signingInput) |
boolean |
MACVerifier.verify(JWSHeader header,
byte[] signedContent,
Base64URL signature) |
boolean |
Ed25519Verifier.verify(JWSHeader header,
byte[] signedContent,
Base64URL signature) |
boolean |
ECDSAVerifier.verify(JWSHeader header,
byte[] signedContent,
Base64URL signature) |
boolean |
RSASSAVerifier.verify(JWSHeader header,
byte[] signedContent,
Base64URL signature) |
| Constructor and Description |
|---|
ECDHDecrypter(ECKey ecJWK)
Creates a new Elliptic Curve Diffie-Hellman decrypter.
|
ECDHDecrypter(ECPrivateKey privateKey)
Creates a new Elliptic Curve Diffie-Hellman decrypter.
|
ECDHDecrypter(ECPrivateKey privateKey,
Set<String> defCritHeaders)
Creates a new Elliptic Curve Diffie-Hellman decrypter.
|
ECDHDecrypter(PrivateKey privateKey,
Set<String> defCritHeaders,
Curve curve)
Creates a new Elliptic Curve Diffie-Hellman decrypter.
|
ECDHEncrypter(ECKey ecJWK)
Creates a new Elliptic Curve Diffie-Hellman encrypter.
|
ECDHEncrypter(ECPublicKey publicKey)
Creates a new Elliptic Curve Diffie-Hellman encrypter.
|
ECDHEncrypter(ECPublicKey publicKey,
SecretKey contentEncryptionKey)
Creates a new Elliptic Curve Diffie-Hellman encrypter with an
optionally specified content encryption key (CEK).
|
ECDSASigner(ECKey ecJWK)
Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA)
signer.
|
ECDSASigner(ECPrivateKey privateKey)
Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA)
signer.
|
ECDSASigner(PrivateKey privateKey,
Curve curve)
Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA)
signer.
|
ECDSAVerifier(ECKey ecJWK)
Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA)
verifier.
|
ECDSAVerifier(ECPublicKey publicKey)
Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA)
verifier.
|
ECDSAVerifier(ECPublicKey publicKey,
Set<String> defCritHeaders)
Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA)
verifier.
|
Ed25519Signer(OctetKeyPair privateKey)
Creates a new Ed25519 signer.
|
Ed25519Verifier(OctetKeyPair publicKey)
Creates a new Ed25519 verifier.
|
Ed25519Verifier(OctetKeyPair publicKey,
Set<String> defCritHeaders)
Creates a Ed25519 verifier.
|
MACVerifier(byte[] secret)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(byte[] secret,
Set<String> defCritHeaders)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(OctetSequenceKey jwk)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(OctetSequenceKey jwk,
Set<String> defCritHeaders)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(SecretKey secretKey)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(String secretString)
Creates a new Message Authentication (MAC) verifier.
|
RSADecrypter(RSAKey rsaJWK)
Creates a new RSA decrypter.
|
RSAEncrypter(RSAKey rsaJWK)
Creates a new RSA encrypter.
|
RSASSASigner(RSAKey rsaJWK)
Creates a new RSA Signature-Scheme-with-Appendix (RSASSA) signer.
|
RSASSASigner(RSAKey rsaJWK,
boolean allowWeakKey)
Creates a new RSA Signature-Scheme-with-Appendix (RSASSA) signer.
|
RSASSAVerifier(RSAKey rsaJWK)
Creates a new RSA Signature-Scheme-with-Appendix (RSASSA) verifier.
|
X25519Decrypter(OctetKeyPair privateKey)
Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.
|
X25519Decrypter(OctetKeyPair privateKey,
Set<String> defCritHeaders)
Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.
|
X25519Encrypter(OctetKeyPair publicKey)
Creates a new Curve25519 Elliptic Curve Diffie-Hellman encrypter.
|
| Modifier and Type | Method and Description |
|---|---|
JWEDecrypter |
DefaultJWEDecrypterFactory.createJWEDecrypter(JWEHeader header,
Key key) |
JWSVerifier |
DefaultJWSVerifierFactory.createJWSVerifier(JWSHeader header,
Key key) |
| Modifier and Type | Method and Description |
|---|---|
static byte[] |
DeflateHelper.applyCompression(JWEHeader jweHeader,
byte[] bytes)
Applies compression to the specified plain text if requested.
|
static byte[] |
DeflateHelper.applyDecompression(JWEHeader jweHeader,
byte[] bytes)
Applies decompression to the specified plain text if requested.
|
static byte[] |
HMAC.compute(SecretKey secretKey,
byte[] message,
Provider provider)
Computes a Hash-based Message Authentication Code (HMAC) for the
specified secret key and message.
|
static byte[] |
HMAC.compute(String alg,
byte[] secret,
byte[] message,
Provider provider)
Computes a Hash-based Message Authentication Code (HMAC) for the
specified secret and message.
|
static byte[] |
ContentCryptoProvider.decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag,
SecretKey cek,
JWEJCAContext jcaProvider)
Decrypts the specified cipher text.
|
static byte[] |
LegacyAESGCM.decrypt(SecretKey secretKey,
byte[] iv,
byte[] cipherText,
byte[] authData,
byte[] authTag)
Decrypts the specified cipher text using AES/GCM/NoPadding.
|
static byte[] |
AESGCM.decrypt(SecretKey secretKey,
byte[] iv,
byte[] cipherText,
byte[] authData,
byte[] authTag,
Provider provider)
Decrypts the specified cipher text using AES/GCM/NoPadding.
|
static byte[] |
AESCBC.decrypt(SecretKey secretKey,
byte[] iv,
byte[] cipherText,
Provider provider)
Decrypts the specified cipher text using AES/CBC/PKCS5Padding.
|
static byte[] |
AESCBC.decryptAuthenticated(SecretKey secretKey,
byte[] iv,
byte[] cipherText,
byte[] aad,
byte[] authTag,
Provider ceProvider,
Provider macProvider)
Decrypts the specified cipher text using AES/CBC/PKCS5Padding/
HMAC-SHA2.
|
static SecretKey |
RSA1_5.decryptCEK(PrivateKey priv,
byte[] encryptedCEK,
int keyLength,
Provider provider)
Decrypts the specified encrypted Content Encryption Key (CEK).
|
static SecretKey |
RSA_OAEP.decryptCEK(PrivateKey priv,
byte[] encryptedCEK,
Provider provider)
Decrypts the specified encrypted Content Encryption Key (CEK).
|
static SecretKey |
RSA_OAEP_256.decryptCEK(PrivateKey priv,
byte[] encryptedCEK,
Provider provider)
Decrypts the specified encrypted Content Encryption Key (CEK).
|
static SecretKey |
AESGCMKW.decryptCEK(SecretKey kek,
byte[] iv,
AuthenticatedCipherText authEncrCEK,
int keyLength,
Provider provider)
Decrypts the specified encrypted Content Encryption Key (CEK).
|
static byte[] |
AESCBC.decryptWithConcatKDF(JWEHeader header,
SecretKey secretKey,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag,
Provider ceProvider,
Provider macProvider)
Decrypts the specified cipher text using the deprecated concat KDF
from JOSE draft suite 09.
|
protected byte[] |
ECDHCryptoProvider.decryptWithZ(JWEHeader header,
SecretKey Z,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag)
Decrypts the encrypted JWE parts using the specified shared secret ("Z").
|
static SecretKey |
PBKDF2.deriveKey(byte[] password,
byte[] formattedSalt,
int iterationCount,
PRFParams prfParams)
Derives a PBKDF2 key from the specified password and parameters.
|
SecretKey |
ConcatKDF.deriveKey(SecretKey sharedSecret,
int keyLengthBits,
byte[] otherInfo)
Derives a key from the specified inputs.
|
SecretKey |
ConcatKDF.deriveKey(SecretKey sharedSecret,
int keyLength,
byte[] algID,
byte[] partyUInfo,
byte[] partyVInfo,
byte[] suppPubInfo,
byte[] suppPrivInfo)
Derives a key from the specified inputs.
|
static SecretKey |
ECDH.deriveSharedKey(JWEHeader header,
SecretKey Z,
ConcatKDF concatKDF)
Derives a shared key (via concat KDF).
|
static SecretKey |
ECDH.deriveSharedSecret(ECPublicKey publicKey,
PrivateKey privateKey,
Provider provider)
Derives a shared secret (also called 'Z') from the specified ECDH
key agreement.
|
static SecretKey |
ECDH.deriveSharedSecret(OctetKeyPair publicKey,
OctetKeyPair privateKey)
Derives a shared secret (also called 'Z') from the specified ECDH
key agreement.
|
static JWECryptoParts |
ContentCryptoProvider.encrypt(JWEHeader header,
byte[] clearText,
SecretKey cek,
Base64URL encryptedKey,
JWEJCAContext jcaProvider)
Encrypts the specified clear text (content).
|
static AuthenticatedCipherText |
LegacyAESGCM.encrypt(SecretKey secretKey,
byte[] iv,
byte[] plainText,
byte[] authData)
Encrypts the specified plain text using AES/GCM/NoPadding.
|
static byte[] |
AESCBC.encrypt(SecretKey secretKey,
byte[] iv,
byte[] plainText,
Provider provider)
Encrypts the specified plain text using AES/CBC/PKCS5Padding.
|
static AuthenticatedCipherText |
AESGCM.encrypt(SecretKey secretKey,
Container<byte[]> ivContainer,
byte[] plainText,
byte[] authData,
Provider provider)
Encrypts the specified plain text using AES/GCM/NoPadding.
|
static AuthenticatedCipherText |
AESCBC.encryptAuthenticated(SecretKey secretKey,
byte[] iv,
byte[] plainText,
byte[] aad,
Provider ceProvider,
Provider macProvider)
Encrypts the specified plain text using AES/CBC/PKCS5Padding/
HMAC-SHA2.
|
static byte[] |
RSA_OAEP.encryptCEK(RSAPublicKey pub,
SecretKey cek,
Provider provider)
Encrypts the specified Content Encryption Key (CEK).
|
static byte[] |
RSA_OAEP_256.encryptCEK(RSAPublicKey pub,
SecretKey cek,
Provider provider)
Encrypts the specified Content Encryption Key (CEK).
|
static byte[] |
RSA1_5.encryptCEK(RSAPublicKey pub,
SecretKey cek,
Provider provider)
Encrypts the specified Content Encryption Key (CEK).
|
static AuthenticatedCipherText |
AESGCMKW.encryptCEK(SecretKey cek,
Container<byte[]> iv,
SecretKey kek,
Provider provider)
Encrypts the specified Content Encryption Key (CEK).
|
static AuthenticatedCipherText |
AESCBC.encryptWithConcatKDF(JWEHeader header,
SecretKey secretKey,
Base64URL encryptedKey,
byte[] iv,
byte[] plainText,
Provider ceProvider,
Provider macProvider)
Encrypts the specified plain text using the deprecated concat KDF
from JOSE draft suite 09.
|
protected JWECryptoParts |
ECDHCryptoProvider.encryptWithZ(JWEHeader header,
SecretKey Z,
byte[] clearText)
Encrypts the specified plaintext using the specified shared secret
("Z").
|
protected JWECryptoParts |
ECDHCryptoProvider.encryptWithZ(JWEHeader header,
SecretKey Z,
byte[] clearText,
SecretKey contentEncryptionKey)
Encrypts the specified plaintext using the specified shared secret
("Z") and, if provided, the content encryption key (CEK).
|
void |
CriticalHeaderParamsDeferral.ensureHeaderPasses(JWEHeader header)
Throws a JOSE exception if the specified JWE header doesn't pass the
critical header parameters check.
|
static byte[] |
PBKDF2.formatSalt(JWEAlgorithm alg,
byte[] salt)
Formats the specified cryptographic salt for use in PBKDF2.
|
static SecretKey |
ContentCryptoProvider.generateCEK(EncryptionMethod enc,
SecureRandom randomGen)
Generates a Content Encryption Key (CEK) for the specified JOSE
encryption method.
|
static SecretKey |
LegacyConcatKDF.generateCEK(SecretKey key,
EncryptionMethod enc,
byte[] epu,
byte[] epv)
Generates a Content Encryption Key (CEK) from the specified
Content Master Key (CMK) and JOSE encryption method.
|
static SecretKey |
LegacyConcatKDF.generateCIK(SecretKey key,
EncryptionMethod enc,
byte[] epu,
byte[] epv)
Generates a Content Integrity Key (CIK) from the specified
Content Master Key (CMK) and JOSE encryption method.
|
static Mac |
HMAC.getInitMac(SecretKey secretKey,
Provider provider) |
protected static String |
MACProvider.getJCAAlgorithmName(JWSAlgorithm alg)
Gets the matching Java Cryptography Architecture (JCA) algorithm
name for the specified HMAC-based JSON Web Algorithm (JWA).
|
static int |
ECDSA.getSignatureByteArrayLength(JWSAlgorithm alg)
Returns the expected signature byte array length (R + S parts) for
the specified ECDSA algorithm.
|
static Signature |
RSASSA.getSignerAndVerifier(JWSAlgorithm alg,
Provider provider)
Returns a signer and verifier for the specified RSASSA-based JSON
Web Algorithm (JWA).
|
static Signature |
ECDSA.getSignerAndVerifier(JWSAlgorithm alg,
Provider jcaProvider)
Creates a new JCA signer / verifier for ECDSA.
|
static PRFParams |
PRFParams.resolve(JWEAlgorithm alg,
Provider macProvider)
Resolves the Pseudo-Random Function (PRF) parameters for the
specified PBES2 JWE algorithm.
|
static JWSAlgorithm |
ECDSA.resolveAlgorithm(Curve curve)
Resolves the matching EC DSA algorithm for the specified elliptic
curve.
|
static JWSAlgorithm |
ECDSA.resolveAlgorithm(ECKey ecKey)
Resolves the matching EC DSA algorithm for the specified EC key
(public or private).
|
static ECDH.AlgorithmMode |
ECDH.resolveAlgorithmMode(JWEAlgorithm alg)
Resolves the ECDH algorithm mode.
|
static int |
ECDH.sharedKeyLength(JWEAlgorithm alg,
EncryptionMethod enc)
Returns the bit length of the shared key (derived via concat KDF)
for the specified JWE ECDH algorithm.
|
static PrivateKey |
RSAKeyUtils.toRSAPrivateKey(RSAKey rsaJWK)
Returns the private RSA key of the specified RSA JWK.
|
static byte[] |
ECDSA.transcodeSignatureToConcat(byte[] derSignature,
int outputLength)
Transcodes the JCA ASN.1/DER-encoded signature into the concatenated
R + S format expected by ECDSA JWS.
|
static byte[] |
ECDSA.transcodeSignatureToDER(byte[] jwsSignature)
Transcodes the ECDSA JWS signature into ASN.1/DER format for use by
the JCA verifier.
|
static SecretKey |
AESKW.unwrapCEK(SecretKey kek,
byte[] encryptedCEK,
Provider provider)
Unwraps the specified encrypted Content Encryption Key (CEK).
|
static byte[] |
AESKW.wrapCEK(SecretKey cek,
SecretKey kek,
Provider provider)
Wraps the specified Content Encryption Key (CEK).
|
| Constructor and Description |
|---|
ECDHCryptoProvider(Curve curve)
Creates a new Elliptic Curve Diffie-Hellman encryption /decryption
provider.
|
ECDSAProvider(JWSAlgorithm alg)
Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA)
provider.
|
| Modifier and Type | Method and Description |
|---|---|
static Base64URL |
ThumbprintUtils.compute(JWK jwk)
Computes the SHA-256 thumbprint for the specified JWK.
|
static Base64URL |
ThumbprintUtils.compute(String hashAlg,
JWK jwk)
Computes the thumbprint for the specified JWK.
|
static Base64URL |
ThumbprintUtils.compute(String hashAlg,
LinkedHashMap<String,?> params)
Computes the thumbprint for the specified required JWK parameters.
|
Base64URL |
JWK.computeThumbprint()
Computes the SHA-256 thumbprint of this JWK.
|
Base64URL |
JWK.computeThumbprint(String hashAlg)
Computes the thumbprint of this JWK using the specified hash
algorithm.
|
RSAKey.Builder |
RSAKey.Builder.keyIDFromThumbprint()
Sets the ID (
kid) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). |
OctetSequenceKey.Builder |
OctetSequenceKey.Builder.keyIDFromThumbprint()
Sets the ID (
kid) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). |
ECKey.Builder |
ECKey.Builder.keyIDFromThumbprint()
Sets the ID (
kid) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). |
OctetKeyPair.Builder |
OctetKeyPair.Builder.keyIDFromThumbprint()
Sets the ID (
kid) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). |
RSAKey.Builder |
RSAKey.Builder.keyIDFromThumbprint(String hashAlg)
Sets the ID (
kid) of the JWK to its JWK thumbprint
(RFC 7638). |
OctetSequenceKey.Builder |
OctetSequenceKey.Builder.keyIDFromThumbprint(String hashAlg)
Sets the ID (
kid) of the JWK to its JWK thumbprint
(RFC 7638). |
ECKey.Builder |
ECKey.Builder.keyIDFromThumbprint(String hashAlg)
Sets the ID (
kid) of the JWK to its JWK thumbprint
(RFC 7638). |
OctetKeyPair.Builder |
OctetKeyPair.Builder.keyIDFromThumbprint(String hashAlg)
Sets the ID (
kid) of the JWK to its JWK thumbprint
(RFC 7638). |
static JWK |
JWK.load(KeyStore keyStore,
String alias,
char[] pin)
Loads a JWK from the specified JCE key store.
|
static RSAKey |
RSAKey.load(KeyStore keyStore,
String alias,
char[] pin)
Loads a public / private RSA JWK from the specified JCA key store.
|
static OctetSequenceKey |
OctetSequenceKey.load(KeyStore keyStore,
String alias,
char[] pin)
Loads an octet sequence JWK from the specified JCA key store.
|
static ECKey |
ECKey.load(KeyStore keyStore,
String alias,
char[] pin)
Loads a public / private Elliptic Curve JWK from the specified JCA
key store.
|
static JWK |
JWK.parse(X509Certificate cert)
|
static RSAKey |
RSAKey.parse(X509Certificate cert)
Parses a public RSA JWK from the specified X.509 certificate.
|
static ECKey |
ECKey.parse(X509Certificate cert)
Parses a public Elliptic Curve JWK from the specified X.509
certificate.
|
static JWK |
JWK.parseFromPEMEncodedObjects(String pemEncodedObjects)
Parses an RSA or EC JWK from the specified string of one or more
PEM-encoded object(s):
X.509 certificate (PEM header: BEGIN CERTIFICATE)
PKCS#1 RSAPublicKey (PEM header: BEGIN RSA PUBLIC KEY)
X.509 SubjectPublicKeyInfo (PEM header: BEGIN PUBLIC KEY)
PKCS#1 RSAPrivateKey (PEM header: BEGIN RSA PRIVATE KEY)
PKCS#8 PrivateKeyInfo (PEM header: BEGIN PRIVATE KEY)
matching pair of the above
|
static JWK |
JWK.parseFromPEMEncodedX509Cert(String pemEncodedCert)
|
ECPrivateKey |
ECKey.toECPrivateKey()
Returns a standard
java.security.interfaces.ECPrivateKey
representation of this Elliptic Curve JWK. |
ECPrivateKey |
ECKey.toECPrivateKey(Provider provider)
Returns a standard
java.security.interfaces.ECPrivateKey
representation of this Elliptic Curve JWK. |
ECPublicKey |
ECKey.toECPublicKey()
Returns a standard
java.security.interfaces.ECPublicKey
representation of this Elliptic Curve JWK. |
ECPublicKey |
ECKey.toECPublicKey(Provider provider)
Returns a standard
java.security.interfaces.ECPublicKey
representation of this Elliptic Curve JWK. |
KeyPair |
RSAKey.toKeyPair()
Returns a standard
java.security.KeyPair representation of
this RSA JWK. |
KeyPair |
ECKey.toKeyPair()
Returns a standard
java.security.KeyPair representation of
this Elliptic Curve JWK. |
KeyPair |
AsymmetricJWK.toKeyPair()
Returns a Java key pair representation of this JWK.
|
KeyPair |
OctetKeyPair.toKeyPair() |
KeyPair |
ECKey.toKeyPair(Provider provider)
Returns a standard
java.security.KeyPair representation of
this Elliptic Curve JWK. |
PrivateKey |
RSAKey.toPrivateKey() |
PrivateKey |
ECKey.toPrivateKey() |
PrivateKey |
AsymmetricJWK.toPrivateKey()
Returns a Java private key representation of this JWK.
|
PrivateKey |
OctetKeyPair.toPrivateKey() |
PublicKey |
RSAKey.toPublicKey() |
PublicKey |
ECKey.toPublicKey() |
PublicKey |
AsymmetricJWK.toPublicKey()
Returns a Java public key representation of the JWK.
|
PublicKey |
OctetKeyPair.toPublicKey() |
RSAPrivateKey |
RSAKey.toRSAPrivateKey()
Returns a standard
java.security.interfaces.RSAPrivateKey
representation of this RSA JWK. |
RSAPublicKey |
RSAKey.toRSAPublicKey()
Returns a standard
java.security.interfaces.RSAPublicKey
representation of this RSA JWK. |
| Modifier and Type | Method and Description |
|---|---|
OctetSequenceKey |
OctetSequenceKeyGenerator.generate() |
RSAKey |
RSAKeyGenerator.generate() |
abstract T |
JWKGenerator.generate()
Generates the JWK according to the set parameters.
|
ECKey |
ECKeyGenerator.generate() |
OctetKeyPair |
OctetKeyPairGenerator.generate() |
| Modifier and Type | Method and Description |
|---|---|
JWEDecrypter |
JWEDecrypterFactory.createJWEDecrypter(JWEHeader header,
Key key)
Creates a new JWE decrypter for the specified header and key.
|
JWSVerifier |
JWSVerifierFactory.createJWSVerifier(JWSHeader header,
Key key)
Creates a new JWS verifier for the specified header and key.
|
Payload |
JOSEProcessor.process(JOSEObject joseObject,
C context)
Processes the specified JOSE object (unsecured, JWS or JWE).
|
Payload |
DefaultJOSEProcessor.process(JOSEObject joseObject,
C context) |
Payload |
JOSEProcessor.process(JWEObject jweObject,
C context)
Processes the specified JWE object by decrypting it.
|
Payload |
DefaultJOSEProcessor.process(JWEObject jweObject,
C context) |
Payload |
JOSEProcessor.process(JWSObject jwsObject,
C context)
Processes the specified JWS object by verifying its signature.
|
Payload |
DefaultJOSEProcessor.process(JWSObject jwsObject,
C context) |
Payload |
JOSEProcessor.process(PlainObject plainObject,
C context)
Processes the specified unsecured (plain) JOSE object, typically by
checking its context.
|
Payload |
JOSEProcessor.process(String compactEncodedJOSE,
C context)
Parses and processes the specified JOSE object (unsecured, JWS or
JWE).
|
Payload |
DefaultJOSEProcessor.process(String compactJOSE,
C context) |
| Modifier and Type | Class and Description |
|---|---|
class |
IntegerOverflowException
Integer overflow exception.
|
| Modifier and Type | Method and Description |
|---|---|
JWTClaimsSet |
DefaultJWTProcessor.process(EncryptedJWT encryptedJWT,
C context) |
JWTClaimsSet |
JWTProcessor.process(EncryptedJWT encryptedJWT,
C context)
Processes the specified encrypted JWT by decrypting it.
|
JWTClaimsSet |
DefaultJWTProcessor.process(JWT jwt,
C context) |
JWTClaimsSet |
JWTProcessor.process(JWT jwt,
C context)
Processes the specified JWT (unsecured, signed or encrypted).
|
JWTClaimsSet |
DefaultJWTProcessor.process(PlainJWT plainJWT,
C context) |
JWTClaimsSet |
JWTProcessor.process(PlainJWT plainJWT,
C context)
Processes the specified unsecured (plain) JWT, typically by checking
its context.
|
JWTClaimsSet |
DefaultJWTProcessor.process(SignedJWT signedJWT,
C context) |
JWTClaimsSet |
JWTProcessor.process(SignedJWT signedJWT,
C context)
Processes the specified signed JWT by verifying its signature.
|
JWTClaimsSet |
DefaultJWTProcessor.process(String jwtString,
C context) |
JWTClaimsSet |
JWTProcessor.process(String jwtString,
C context)
Parses and processes the specified JWT (unsecured, signed or
encrypted).
|
Copyright © 2019 Connect2id Ltd.. All rights reserved.