Package com.nimbusds.jose.crypto

Class X25519Encrypter

java.lang.Object
com.nimbusds.jose.crypto.impl.BaseJWEProvider
com.nimbusds.jose.crypto.impl.ECDHCryptoProvider
com.nimbusds.jose.crypto.X25519Encrypter
All Implemented Interfaces:
JCAAware<JWEJCAContext>, JOSEProvider, JWEEncrypter, JWEProvider
@ThreadSafe public class X25519Encrypter extends ECDHCryptoProvider implements JWEEncrypter
Curve25519 Elliptic Curve Diffie-Hellman encrypter of JWE objects. Expects a public OctetKeyPair key with "crv" X25519.

See RFC 8037 for more information.

See also ECDHEncrypter for ECDH on other curves.

This class is thread-safe.

Supports the following key management algorithms:

Supports the following elliptic curve:

Supports the following content encryption algorithms:

Version:
2023-03-26
Author:
Tim McLean, Egor Puzanov

  • Constructor Details

    • X25519Encrypter

      public X25519Encrypter(OctetKeyPair publicKey) throws JOSEException
      Creates a new Curve25519 Elliptic Curve Diffie-Hellman encrypter.
      Parameters:
      publicKey - The public key. Must not be null.
      Throws:
      JOSEException - If the key subtype is not supported.

    • X25519Encrypter

      public X25519Encrypter(OctetKeyPair publicKey, SecretKey contentEncryptionKey) throws JOSEException
      Creates a new Curve25519 Elliptic Curve Diffie-Hellman encrypter.
      Parameters:
      publicKey - The public key. Must not be null.
      contentEncryptionKey - The content encryption key (CEK) to use. If specified its algorithm must be "AES" or "ChaCha20" and its length must match the expected for the JWE encryption method ("enc"). If null a CEK will be generated for each JWE.
      Throws:
      JOSEException - If the key subtype is not supported.

  • Method Details

    • supportedEllipticCurves

      public Set<Curve> supportedEllipticCurves()
      Description copied from class: ECDHCryptoProvider
      Returns the names of the supported elliptic curves. These correspond to the crv EC JWK parameter.
      Specified by:
      supportedEllipticCurves in class ECDHCryptoProvider
      Returns:
      The supported elliptic curves.

    • getPublicKey

      public OctetKeyPair getPublicKey()
      Returns the public key.
      Returns:
      The public key.

    • encrypt

      @Deprecated public JWECryptoParts encrypt(JWEHeader header, byte[] clearText) throws JOSEException
      Deprecated.
      Encrypts the specified clear text of a JWE object.
      Parameters:
      header - The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not be null.
      clearText - The clear text to encrypt. Must not be null.
      Returns:
      The resulting JWE crypto parts.
      Throws:
      JOSEException - If the JWE algorithm or method is not supported or if encryption failed for some other internal reason.

    • encrypt

      public JWECryptoParts encrypt(JWEHeader header, byte[] clearText, byte[] aad) throws JOSEException
      Description copied from interface: JWEEncrypter
      Encrypts the specified clear text of a JWE object.
      Specified by:
      encrypt in interface JWEEncrypter
      Parameters:
      header - The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not be null.
      clearText - The clear text to encrypt. Must not be null.
      aad - The additional authenticated data. Must not be null.
      Returns:
      The resulting JWE crypto parts.
      Throws:
      JOSEException - If the JWE algorithm or method is not supported or if encryption failed for some other internal reason.