Module io.inverno.mod.security.jose
Package io.inverno.mod.security.jose.internal.jwk.oct

Class GenericOCTJWK

java.lang.Object
io.inverno.mod.security.jose.internal.jwk.AbstractJWK
io.inverno.mod.security.jose.internal.jwk.oct.GenericOCTJWK
All Implemented Interfaces:
JWK, OCTJWK, SymmetricJWK
public class GenericOCTJWK extends AbstractJWK implements OCTJWK

Generic Octet JSON Web Key implementation.

It supports the following algorithms

  • HS256
  • HS384
  • HS512
  • A128KW
  • A256KW
  • A512KW
  • A128GCMKW
  • A192GCMKW
  • A256GCMKW
  • A128GCM
  • A192GCM
  • A256GCM
  • A128CBC-HS256
  • A192CBC-HS384
  • A256CBC-HS512
Since:
1.5
Author:
Jeremy Kuhn

  • Constructor Details

    • GenericOCTJWK

      public GenericOCTJWK()

      Creates an untrusted OCT JWK.

    • GenericOCTJWK

      public GenericOCTJWK(String k)

      Creates an untrusted generic OCT JWK with the specified key value.

      Parameters:
      k - the key value encoded as Base64URL without padding

    • GenericOCTJWK

      public GenericOCTJWK(String k, SecretKey key, boolean trusted)

      Creates a generic OCT JWK with the specified key value and secret key.

      Parameters:
      k - the key value encoded as Base64URL without padding
      key - a secret key
      trusted - true to create a trusted JWK, false otherwise

  • Method Details

    • setAlgorithm

      public void setAlgorithm(OCTAlgorithm octAlg)

      Sets the Octet JWA algorithm.

      Parameters:
      octAlg - an OCT algorithm

    • setAlgorithm

      public void setAlgorithm(String alg)
      Description copied from class: AbstractJWK

      Sets the algorithm intended for use with the key.

      Overrides:
      setAlgorithm in class AbstractJWK
      Parameters:
      alg - the JWA algorithm

    • getKeyValue

      public String getKeyValue()
      Description copied from interface: OCTJWK

      Returns the key value encoded as Base64URL.

      Specified by:
      getKeyValue in interface OCTJWK
      Returns:
      the Base64URL encoded key value with no padding.

    • trust

      public OCTJWK trust()
      Description copied from interface: JWK

      Trusts the key explicitly.

      This should be used with care when the authenticity of an untrusted key has been established through external means.

      Specified by:
      trust in interface JWK
      Specified by:
      trust in interface OCTJWK
      Specified by:
      trust in interface SymmetricJWK
      Returns:
      this JWK

    • toSecretKey

      public Optional<SecretKey> toSecretKey() throws JWKProcessingException
      Description copied from interface: SymmetricJWK

      Converts the JWK to its corresponding secret key.

      Specified by:
      toSecretKey in interface SymmetricJWK
      Returns:
      an optional containing the secret key or an empty optional if the key does not contain secret information
      Throws:
      JWKProcessingException - if there was an error converting the JWK to a secret key

    • toPublicJWK

      public OCTJWK toPublicJWK()
      Description copied from interface: JWK

      Returns a public and safe to share representation of the key.

      Specified by:
      toPublicJWK in interface JWK
      Specified by:
      toPublicJWK in interface OCTJWK
      Specified by:
      toPublicJWK in interface SymmetricJWK
      Returns:
      a public representation of this JWK

    • minify

      public OCTJWK minify()
      Description copied from interface: JWK

      Returns a minified representation of the key only containing required data.

      Note that the returned JWK may contain private data.

      Specified by:
      minify in interface JWK
      Specified by:
      minify in interface OCTJWK
      Returns:
      a minified representation of this JWK

    • toJWKThumbprint

      public String toJWKThumbprint(MessageDigest digest)
      Description copied from interface: JWK

      Generates and returns the JWK thumbprint using the specified digest.

      Specified by:
      toJWKThumbprint in interface JWK
      Parameters:
      digest - the message digest to use
      Returns:
      the JWK thumbprint

    • supportsAlgorithm

      public boolean supportsAlgorithm(String alg)
      Description copied from interface: JWK

      Determines whether the JWK supports the specified JWA algorithm.

      Specified by:
      supportsAlgorithm in interface JWK
      Parameters:
      alg - a JWA algorithm
      Returns:
      true if the algorithm is supported, false otherwise

    • signer

      public JWASigner signer() throws JWKProcessingException
      Description copied from interface: JWK

      Returns a signer using this JWK.

      Specified by:
      signer in interface JWK
      Overrides:
      signer in class AbstractJWK
      Returns:
      a signer
      Throws:
      JWKProcessingException - if the JWK does not support signature operations (i.e. missing algorithm, algorithm is not a signature algorithm...)

    • signer

      public JWASigner signer(String alg)
      Description copied from interface: JWK

      Returns a signer using this JWK and the specified algorithm.

      Specified by:
      signer in interface JWK
      Overrides:
      signer in class AbstractJWK
      Parameters:
      alg - a JWA signature algorithm
      Returns:
      a signer

    • checkSignature

      protected void checkSignature(JWAAlgorithm<?> algorithm) throws JWKProcessingException
      Description copied from class: AbstractJWK

      Checks that the key and the specified algorithm supports signature operations.

      Overrides:
      checkSignature in class AbstractJWK
      Parameters:
      algorithm - a JWA algorithm
      Throws:
      JWKProcessingException - if the key and/or the specified algorithm do not support signature operations

    • cipher

      public JWACipher cipher() throws JWKProcessingException
      Description copied from interface: JWK

      Returns a cipher using this JWK.

      Specified by:
      cipher in interface JWK
      Overrides:
      cipher in class AbstractJWK
      Returns:
      a cipher
      Throws:
      JWKProcessingException - if the JWK does not support encryption operations (i.e. missing algorithm, algorithm is not an encryption algorithm...)

    • cipher

      public JWACipher cipher(String alg) throws JWKProcessingException
      Description copied from interface: JWK

      Returns a cipher using this JWK and the specified algorithm.

      Specified by:
      cipher in interface JWK
      Overrides:
      cipher in class AbstractJWK
      Parameters:
      alg - a JWA encryption algorithm
      Returns:
      a cipher
      Throws:
      JWKProcessingException - if the JWK does not support encryption operations or if the specified algorithm is not a supported encryption algorithm

    • checkEncryption

      protected void checkEncryption(JWAAlgorithm<?> algorithm) throws JWKProcessingException
      Description copied from class: AbstractJWK

      Checks that the key and the specified algorithm supports encryption operations.

      Overrides:
      checkEncryption in class AbstractJWK
      Parameters:
      algorithm - a JWA algorithm
      Throws:
      JWKProcessingException - if the key and/or the specified algorithm do not support encryption operations

    • keyManager

      public JWAKeyManager keyManager() throws JWKProcessingException
      Description copied from interface: JWK

      Returns a key manager using this JWK.

      Specified by:
      keyManager in interface JWK
      Overrides:
      keyManager in class AbstractJWK
      Returns:
      a key manager
      Throws:
      JWKProcessingException - if the JWK does not support key management operations (i.e. missing algorithm, algorithm is not a key management algorithm...)

    • keyManager

      public JWAKeyManager keyManager(String alg) throws JWKProcessingException
      Description copied from interface: JWK

      Returns a key manager using this JWK and the specified algorithm.

      Specified by:
      keyManager in interface JWK
      Overrides:
      keyManager in class AbstractJWK
      Parameters:
      alg - a JWA key management algorithm
      Returns:
      a key manager
      Throws:
      JWKProcessingException - if the JWK does not support key management operations or if the specified algorithm is not a supported key management algorithm

    • checkKeyManagement

      protected void checkKeyManagement(JWAAlgorithm<?> algorithm) throws JWAKeyManagerException
      Description copied from class: AbstractJWK

      Checks that the key and the specified algorithm supports key management operations.

      Overrides:
      checkKeyManagement in class AbstractJWK
      Parameters:
      algorithm - a JWA algorithm
      Throws:
      JWAKeyManagerException

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface JWK
      Overrides:
      hashCode in class AbstractJWK

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface JWK
      Overrides:
      equals in class AbstractJWK