@ThreadSafe public class ECDHEncrypter extends ECDHCryptoProvider implements JWEEncrypter
JWE objects
for curves using EC JWK keys.
Expects a public EC key (with a P-256, P-384 or P-521 curve).
See RFC 7518 section 4.6 for more information.
For Curve25519/X25519, see X25519Encrypter
instead.
This class is thread-safe.
Supports the following key management algorithms:
JWEAlgorithm.ECDH_ES
JWEAlgorithm.ECDH_ES_A128KW
JWEAlgorithm.ECDH_ES_A192KW
JWEAlgorithm.ECDH_ES_A256KW
Supports the following elliptic curves:
Supports the following content encryption algorithms:
Modifier and Type | Field and Description |
---|---|
static Set<Curve> |
SUPPORTED_ELLIPTIC_CURVES
The supported EC JWK curves by the ECDH crypto provider class.
|
SUPPORTED_ALGORITHMS, SUPPORTED_ENCRYPTION_METHODS
Constructor and Description |
---|
ECDHEncrypter(ECKey ecJWK)
Creates a new Elliptic Curve Diffie-Hellman encrypter.
|
ECDHEncrypter(ECPublicKey publicKey)
Creates a new Elliptic Curve Diffie-Hellman encrypter.
|
ECDHEncrypter(ECPublicKey publicKey,
SecretKey contentEncryptionKey)
Creates a new Elliptic Curve Diffie-Hellman encrypter with an
optionally specified content encryption key (CEK).
|
Modifier and Type | Method and Description |
---|---|
JWECryptoParts |
encrypt(JWEHeader header,
byte[] clearText)
Encrypts the specified clear text of a
JWE object . |
JWEJCAContext |
getJCAContext()
Returns the Java Cryptography Architecture (JCA) context.
|
ECPublicKey |
getPublicKey()
Returns the public EC key.
|
Set<Curve> |
supportedEllipticCurves()
Returns the names of the supported elliptic curves.
|
Set<EncryptionMethod> |
supportedEncryptionMethods()
Returns the names of the supported encryption methods by the JWE
provier.
|
Set<JWEAlgorithm> |
supportedJWEAlgorithms()
Returns the names of the supported algorithms by the JWE provider
instance.
|
decryptWithZ, encryptWithZ, encryptWithZ, getConcatKDF, getCurve
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
supportedEncryptionMethods, supportedJWEAlgorithms
getJCAContext
public static final Set<Curve> SUPPORTED_ELLIPTIC_CURVES
public ECDHEncrypter(ECPublicKey publicKey) throws JOSEException
publicKey
- The public EC key. Must not be null
.JOSEException
- If the elliptic curve is not supported.public ECDHEncrypter(ECKey ecJWK) throws JOSEException
ecJWK
- The EC JSON Web Key (JWK). Must not be null
.JOSEException
- If the elliptic curve is not supported.public ECDHEncrypter(ECPublicKey publicKey, SecretKey contentEncryptionKey) throws JOSEException
publicKey
- The public EC key. Must not be
null
.contentEncryptionKey
- The content encryption key (CEK) to use.
If specified its algorithm must be "AES"
and its length must match the expected
for the JWE encryption method ("enc").
If null
a CEK will be generated
for each JWE.JOSEException
- If the elliptic curve is not supported.public ECPublicKey getPublicKey()
public Set<Curve> supportedEllipticCurves()
ECDHCryptoProvider
crv
EC JWK parameter.supportedEllipticCurves
in class ECDHCryptoProvider
public JWECryptoParts encrypt(JWEHeader header, byte[] clearText) throws JOSEException
JWEEncrypter
JWE object
.encrypt
in interface JWEEncrypter
header
- The JSON Web Encryption (JWE) header. Must specify
a supported JWE algorithm and method. Must not be
null
.clearText
- The clear text to encrypt. Must not be null
.JOSEException
- If the JWE algorithm or method is not
supported or if encryption failed for some
other internal reason.public Set<JWEAlgorithm> supportedJWEAlgorithms()
JWEProvider
alg
JWE header parameter.supportedJWEAlgorithms
in interface JWEProvider
public Set<EncryptionMethod> supportedEncryptionMethods()
JWEProvider
enc
JWE header parameter.supportedEncryptionMethods
in interface JWEProvider
public JWEJCAContext getJCAContext()
JCAAware
getJCAContext
in interface JCAAware<JWEJCAContext>
null
.Copyright © 2021 Connect2id Ltd.. All rights reserved.