Class SIVAESBasedPairwiseSubjectCodec
- java.lang.Object
-
- com.nimbusds.openid.connect.sdk.id.PairwiseSubjectCodec
-
- com.nimbusds.openid.connect.sdk.id.SIVAESBasedPairwiseSubjectCodec
-
@ThreadSafe public class SIVAESBasedPairwiseSubjectCodec extends PairwiseSubjectCodec
SIV AES - based encoder / decoder of pairwise subject identifiers. Requires a 256, 384, or 512-bit secret key. Reversal is supported.The plain text is formatted as follows ('|' as delimiter):
sector_id|local_sub
Related specifications:
- Synthetic Initialization Vector (SIV) Authenticated Encryption Using the Advanced Encryption Standard (AES) (RFC 5297).
- OpenID Connect Core 1.0, section 8.1.
-
-
Field Summary
-
Fields inherited from class com.nimbusds.openid.connect.sdk.id.PairwiseSubjectCodec
CHARSET
-
-
Constructor Summary
Constructors Constructor Description SIVAESBasedPairwiseSubjectCodec(SecretKey secretKey)
Creates a new SIV AES - based codec for pairwise subject identifiers.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Map.Entry<SectorID,Subject>
decode(Subject pairwiseSubject)
Decodes the specified pairwise subject identifier to produce the matching sector identifier and local subject.Subject
encode(SectorID sectorID, Subject localSub)
Encodes a new pairwise subject identifier from the specified sector identifier and local subject.SecretKey
getSecretKey()
Returns the secret key.-
Methods inherited from class com.nimbusds.openid.connect.sdk.id.PairwiseSubjectCodec
encode, getProvider, getSalt, setProvider
-
-
-
-
Constructor Detail
-
SIVAESBasedPairwiseSubjectCodec
public SIVAESBasedPairwiseSubjectCodec(SecretKey secretKey)
Creates a new SIV AES - based codec for pairwise subject identifiers.- Parameters:
secretKey
- A 256, 384, or 512-bit secret key. Must not benull
.
-
-
Method Detail
-
getSecretKey
public SecretKey getSecretKey()
Returns the secret key.- Returns:
- The key.
-
encode
public Subject encode(SectorID sectorID, Subject localSub)
Description copied from class:PairwiseSubjectCodec
Encodes a new pairwise subject identifier from the specified sector identifier and local subject.- Specified by:
encode
in classPairwiseSubjectCodec
- Parameters:
sectorID
- The sector identifier. Must not benull
.localSub
- The local subject identifier. Must not benull
.- Returns:
- The pairwise subject identifier.
-
decode
public Map.Entry<SectorID,Subject> decode(Subject pairwiseSubject) throws InvalidPairwiseSubjectException
Description copied from class:PairwiseSubjectCodec
Decodes the specified pairwise subject identifier to produce the matching sector identifier and local subject. Throws aUnsupportedOperationException
. Codecs that support pairwise subject identifier reversal should override this method.- Overrides:
decode
in classPairwiseSubjectCodec
- Parameters:
pairwiseSubject
- The pairwise subject identifier. Must be valid and notnull
.- Returns:
- The matching sector identifier and local subject.
- Throws:
InvalidPairwiseSubjectException
- If the pairwise subject is invalid.
-
-