Module io.inverno.mod.security.jose

Package io.inverno.mod.security.jose.internal.jwk.okp

Class AbstractOKPJWK<A extends PublicKey,B extends PrivateKey>

java.lang.Object

io.inverno.mod.security.jose.internal.jwk.AbstractJWK

io.inverno.mod.security.jose.internal.jwk.AbstractX509JWK<A,B>

io.inverno.mod.security.jose.internal.jwk.okp.AbstractOKPJWK<A,B>

Type Parameters:

A - the public key type

B - the private key type

All Implemented Interfaces:

AsymmetricJWK<A,B>, JWK, OKPJWK<A,B>, X509JWK<A,B>

Direct Known Subclasses:

GenericEdECJWK, GenericXECJWK

public abstract class AbstractOKPJWK<A extends PublicKey,B extends PrivateKey>
extends AbstractX509JWK<A,B>
implements OKPJWK<A,B>

Base Octet Key Pair JSON Web Key implementation.

Since:

1.5

Author:

Jeremy Kuhn

Field Summary

Fields

Modifier and Type	Field	Description
protected final OKPCurve	curve	The Curve parameter as defined by RFC8037 Section 3.
protected final String	d	The private key parameter as defined by RFC8037 Section 3.
protected Optional<B>	privateKey	The private key.
protected A	publicKey	The public key.
protected final String	x	The public key parameter as defined by RFC8037 Section 3.

Fields inherited from class io.inverno.mod.security.jose.internal.jwk.AbstractX509JWK

certificate, x5c, x5t, x5t_S256, x5u

Fields inherited from class io.inverno.mod.security.jose.internal.jwk.AbstractJWK

alg, key, key_ops, kid, kty, trusted, use

Fields inherited from interface io.inverno.mod.security.jose.jwk.JWK

DEFAULT_THUMBPRINT_DIGEST, KEY_OP_DECRYPT, KEY_OP_DERIVE_BITS, KEY_OP_DERIVE_KEY, KEY_OP_ENCRYPT, KEY_OP_SIGN, KEY_OP_UNWRAP_KEY, KEY_OP_VERIFY, KEY_OP_WRAP_KEY, USE_ENC, USE_SIG

Fields inherited from interface io.inverno.mod.security.jose.jwk.okp.OKPJWK

KEY_TYPE

Constructor Summary

Constructors

Constructor	Description
AbstractOKPJWK(OKPCurve curve, String x)	Creates an untrusted public OKP JWK with the specified curve and public key value.
AbstractOKPJWK(OKPCurve curve, String x, String d)	Creates an untrusted private OKP JWK with the specified curve, public key value and private key value.
AbstractOKPJWK(OKPCurve curve, String x, String d, B key, boolean trusted)	Creates a private OKP JWK with the specified curve, public key value, private key value and private key.
AbstractOKPJWK(OKPCurve curve, String x, String d, B key, X509Certificate certificate, boolean trusted)	Creates a private OKP JWK with the specified curve, public coordinates, private key value, OKP private key and certificate.
AbstractOKPJWK(OKPCurve curve, String x, String d, X509Certificate certificate)	Creates a public OKP JWK with the specified curve, public key value, private key value and certificate.
AbstractOKPJWK(OKPCurve curve, String x, X509Certificate certificate)	Creates a public OKP JWK with the specified curve, public key value and certificate.

Method Summary

Modifier and Type	Method	Description
boolean	equals(Object obj)
String	getCurve()	Returns the JWA Elliptic curve name.
String	getPrivateKey()	Returns the private key encoded as Base64URL.
String	getPublicKey()	Returns the public key encoded as Base64URL.
int	hashCode()
protected static void	reverse(byte[] arr)	Reverses the specified byte array.
protected static void	swap(byte[] arr, int i, int j)	Swaps the bytes at positions i and j in the specified byte array.
String	toJWKThumbprint(MessageDigest digest)	Generates and returns the JWK thumbprint using the specified digest.

Methods inherited from class io.inverno.mod.security.jose.internal.jwk.AbstractX509JWK

getX509Certificate, getX509CertificateChain, getX509CertificateSHA1Thumbprint, getX509CertificateSHA256Thumbprint, getX509CertificateURL, setX509CertificateChain, setX509CertificateSHA1Thumbprint, setX509CertificateSHA256Thumbprint, setX509CertificateURL, toString

Methods inherited from class io.inverno.mod.security.jose.internal.jwk.AbstractJWK

checkEncryption, checkKeyManagement, checkSignature, cipher, cipher, getAlgorithm, getDefaultThumbprintDigest, getKey, getKeyId, getKeyOperations, getKeyType, getPublicKeyUse, isTrusted, keyManager, keyManager, setAlgorithm, setKeyId, setKeyOperations, setPublicKeyUse, signer, signer

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface io.inverno.mod.security.jose.jwk.AsymmetricJWK

toPrivateKey, toPublicKey

Methods inherited from interface io.inverno.mod.security.jose.jwk.JWK

cipher, cipher, getAlgorithm, getKeyId, getKeyOperations, getKeyType, getPublicKeyUse, isTrusted, keyManager, keyManager, signer, signer, supportsAlgorithm, toJWKThumbprint

Methods inherited from interface io.inverno.mod.security.jose.jwk.okp.OKPJWK

minify, toPublicJWK, trust

Methods inherited from interface io.inverno.mod.security.jose.jwk.X509JWK

getX509Certificate, getX509CertificateChain, getX509CertificateSHA1Thumbprint, getX509CertificateSHA256Thumbprint, getX509CertificateURL

Field Details

curve

protected final OKPCurve curve

The Curve parameter as defined by RFC8037 Section 3.

x

protected final String x

The public key parameter as defined by RFC8037 Section 3.

d

protected final String d

The private key parameter as defined by RFC8037 Section 3.

publicKey

protected A extends PublicKey publicKey

The public key.

privateKey

protected Optional<B extends PrivateKey> privateKey

The private key.

Constructor Details

AbstractOKPJWK

public AbstractOKPJWK(OKPCurve curve,
 String x)

Creates an untrusted public OKP JWK with the specified curve and public key value.

Parameters:

curve - an elliptic curve

x - the public key value encoded as Base64URL without padding

AbstractOKPJWK

public AbstractOKPJWK(OKPCurve curve,
 String x,
 X509Certificate certificate)

Creates a public OKP JWK with the specified curve, public key value and certificate.

The JWK is considered trusted if the specified certificate, which is assumed to be validated, is not null.

Parameters:

curve - an elliptic curve

x - the public key encoded as Base64URL without padding

certificate - an X.509 certificate

AbstractOKPJWK

public AbstractOKPJWK(OKPCurve curve,
 String x,
 String d)

Creates an untrusted private OKP JWK with the specified curve, public key value and private key value.

Parameters:

curve - an elliptic curve

x - the public key value encoded as Base64URL without padding

d - the private key value encoded as Base64URL without padding

AbstractOKPJWK

public AbstractOKPJWK(OKPCurve curve,
 String x,
 String d,
 B key,
 boolean trusted)

Creates a private OKP JWK with the specified curve, public key value, private key value and private key.

Parameters:

curve - an elliptic curve

x - the public key value encoded as Base64URL without padding

d - the private key value encoded as Base64URL without padding

key - a private key

trusted - true to create a trusted JWK, false otherwise

AbstractOKPJWK

public AbstractOKPJWK(OKPCurve curve,
 String x,
 String d,
 X509Certificate certificate)

Creates a public OKP JWK with the specified curve, public key value, private key value and certificate.

The JWK is considered trusted if the specified certificate, which is assumed to be validated, is not null.

Parameters:

curve - an elliptic curve

x - the public key value encoded as Base64URL without padding

d - the private key value encoded as Base64URL without padding

certificate - an X.509 certificate

AbstractOKPJWK

public AbstractOKPJWK(OKPCurve curve,
 String x,
 String d,
 B key,
 X509Certificate certificate,
 boolean trusted)

Creates a private OKP JWK with the specified curve, public coordinates, private key value, OKP private key and certificate.

Parameters:

curve - an elliptic curve

x - the public key value encoded as Base64URL without padding

d - the private key value encoded as Base64URL without padding

key - a private key

certificate - an X.509 certificate

trusted - true to create a trusted JWK, false otherwise

Method Details

getCurve

public String getCurve()

Description copied from interface: OKPJWK

Returns the JWA Elliptic curve name.

Specified by:

getCurve in interface OKPJWK<A extends PublicKey,B extends PrivateKey>

Returns:

the Elliptic curve name

getPublicKey

public String getPublicKey()

Description copied from interface: OKPJWK

Returns the public key encoded as Base64URL.

Specified by:

getPublicKey in interface OKPJWK<A extends PublicKey,B extends PrivateKey>

Returns:

the Base64URL encoded public key with no padding.

getPrivateKey

public String getPrivateKey()

Description copied from interface: OKPJWK

Returns the private key encoded as Base64URL.

Specified by:

getPrivateKey in interface OKPJWK<A extends PublicKey,B extends PrivateKey>

Returns:

the Base64URL encoded private key with no padding.

toJWKThumbprint

public String toJWKThumbprint(MessageDigest digest)

Description copied from interface: JWK

Generates and returns the JWK thumbprint using the specified digest.

Specified by:

toJWKThumbprint in interface JWK

Parameters:

digest - the message digest to use

Returns:

the JWK thumbprint

reverse

protected static void reverse(byte[] arr)

Reverses the specified byte array.

Parameters:

arr - the byte array to reverse

swap

protected static void swap(byte[] arr,
 int i,
 int j)

Swaps the bytes at positions i and j in the specified byte array.

Parameters:

arr - a byte array

i - an index

j - an index

hashCode

public int hashCode()

Specified by:

hashCode in interface JWK

Overrides:

hashCode in class AbstractX509JWK<A extends PublicKey,B extends PrivateKey>

equals

public boolean equals(Object obj)

Specified by:

equals in interface JWK

Overrides:

equals in class AbstractX509JWK<A extends PublicKey,B extends PrivateKey>