public static class OctetSequenceKey.Builder extends Object
Example usage:
OctetSequenceKey key = new OctetSequenceKey.Builder(k) .algorithm(JWSAlgorithm.HS512) .keyID("123") .build();
Constructor and Description |
---|
Builder(Base64URL k)
Creates a new octet sequence JWK builder.
|
Builder(byte[] key)
Creates a new octet sequence JWK builder.
|
Builder(SecretKey secretKey)
Creates a new octet sequence JWK builder.
|
Modifier and Type | Method and Description |
---|---|
OctetSequenceKey.Builder |
algorithm(Algorithm alg)
Sets the intended JOSE algorithm (
alg ) for the JWK. |
OctetSequenceKey |
build()
Builds a new octet sequence JWK.
|
OctetSequenceKey.Builder |
keyID(String kid)
Sets the ID (
kid ) of the JWK. |
OctetSequenceKey.Builder |
keyIDFromThumbprint()
Sets the ID (
kid ) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). |
OctetSequenceKey.Builder |
keyIDFromThumbprint(String hashAlg)
Sets the ID (
kid ) of the JWK to its JWK thumbprint
(RFC 7638). |
OctetSequenceKey.Builder |
keyOperations(Set<KeyOperation> ops)
Sets the operations (
key_ops ) of the JWK (for a
non-public key). |
OctetSequenceKey.Builder |
keyStore(KeyStore keyStore)
Sets the underlying key store.
|
OctetSequenceKey.Builder |
keyUse(KeyUse use)
Sets the use (
use ) of the JWK. |
OctetSequenceKey.Builder |
x509CertChain(List<Base64> x5c)
Sets the X.509 certificate chain (
x5c ) of the JWK. |
OctetSequenceKey.Builder |
x509CertSHA256Thumbprint(Base64URL x5t256)
Sets the X.509 certificate SHA-256 thumbprint
(
x5t#S256 ) of the JWK. |
OctetSequenceKey.Builder |
x509CertThumbprint(Base64URL x5t)
Deprecated.
|
OctetSequenceKey.Builder |
x509CertURL(URI x5u)
Sets the X.509 certificate URL (
x5u ) of the JWK. |
public Builder(Base64URL k)
k
- The key value. It is represented as the Base64URL
encoding of value's big endian representation. Must
not be null
.public Builder(byte[] key)
key
- The key value. Must not be empty byte array or
null
.public OctetSequenceKey.Builder keyUse(KeyUse use)
use
) of the JWK.use
- The key use, null
if not specified or if
the key is intended for signing as well as
encryption.public OctetSequenceKey.Builder keyOperations(Set<KeyOperation> ops)
key_ops
) of the JWK (for a
non-public key).ops
- The key operations, null
if not
specified.public OctetSequenceKey.Builder algorithm(Algorithm alg)
alg
) for the JWK.alg
- The intended JOSE algorithm, null
if not
specified.public OctetSequenceKey.Builder keyID(String kid)
kid
) of the JWK. The key ID can be used
to match a specific key. This can be used, for instance, to
choose a key within a JWKSet
during key rollover.
The key ID may also correspond to a JWS/JWE kid
header parameter value.kid
- The key ID, null
if not specified.public OctetSequenceKey.Builder keyIDFromThumbprint() throws JOSEException
kid
) of the JWK to its SHA-256 JWK
thumbprint (RFC 7638). The key ID can be used to match a
specific key. This can be used, for instance, to choose a
key within a JWKSet
during key rollover. The key ID
may also correspond to a JWS/JWE kid
header
parameter value.JOSEException
- If the SHA-256 hash algorithm is not
supported.public OctetSequenceKey.Builder keyIDFromThumbprint(String hashAlg) throws JOSEException
kid
) of the JWK to its JWK thumbprint
(RFC 7638). The key ID can be used to match a specific key.
This can be used, for instance, to choose a key within a
JWKSet
during key rollover. The key ID may also
correspond to a JWS/JWE kid
header parameter value.hashAlg
- The hash algorithm for the JWK thumbprint
computation. Must not be null
.JOSEException
- If the hash algorithm is not
supported.public OctetSequenceKey.Builder x509CertURL(URI x5u)
x5u
) of the JWK.x5u
- The X.509 certificate URL, null
if not
specified.@Deprecated public OctetSequenceKey.Builder x509CertThumbprint(Base64URL x5t)
x5t
) of
the JWK.x5t
- The X.509 certificate SHA-1 thumbprint,
null
if not specified.public OctetSequenceKey.Builder x509CertSHA256Thumbprint(Base64URL x5t256)
x5t#S256
) of the JWK.x5t256
- The X.509 certificate SHA-256 thumbprint,
null
if not specified.public OctetSequenceKey.Builder x509CertChain(List<Base64> x5c)
x5c
) of the JWK.x5c
- The X.509 certificate chain as a unmodifiable
list, null
if not specified.public OctetSequenceKey.Builder keyStore(KeyStore keyStore)
keyStore
- Reference to the underlying key store,
null
if none.public OctetSequenceKey build()
IllegalStateException
- If the JWK parameters were
inconsistently specified.Copyright © 2020 Connect2id Ltd.. All rights reserved.