Module io.inverno.mod.security.jose
Package io.inverno.mod.security.jose.internal.jwk.pbes2

Class GenericPBES2JWK

java.lang.Object
io.inverno.mod.security.jose.internal.jwk.AbstractJWK
io.inverno.mod.security.jose.internal.jwk.pbes2.GenericPBES2JWK
All Implemented Interfaces:
JWK, PBES2JWK, SymmetricJWK
public class GenericPBES2JWK extends AbstractJWK implements PBES2JWK

Generic Password-based JSON Web Key implementation.

It supports the following algorithms

  • PBES2-HS256+A128KW
  • PBES2-HS384+A192KW
  • PBES2-HS512+A256KW
Since:
1.5
Author:
Jeremy Kuhn

  • Constructor Details

    • GenericPBES2JWK

      public GenericPBES2JWK()

      Creates an untrusted PBES2 JWK.

    • GenericPBES2JWK

      public GenericPBES2JWK(String p)

      Creates an untrusted generic PBES2 JWK with the specified password value.

      Parameters:
      p - the password value encoded as Base64URL without padding

    • GenericPBES2JWK

      public GenericPBES2JWK(String p, SecretKey key, boolean trusted)

      Creates a generic PBES2 JWK with the specified key value and secret key.

      Parameters:
      p - the password value encoded as Base64URL without padding
      key - a secret key
      trusted - true to create a trusted JWK, false otherwise

  • Method Details

    • setAlgorithm

      public void setAlgorithm(PBES2Algorithm pbes2Alg)

      Sets the PBES2 JWA algorithm.

      Parameters:
      pbes2Alg - a PBES2 algorithm

    • setAlgorithm

      public void setAlgorithm(String alg)
      Description copied from class: AbstractJWK

      Sets the algorithm intended for use with the key.

      Overrides:
      setAlgorithm in class AbstractJWK
      Parameters:
      alg - the JWA algorithm

    • getPassword

      public String getPassword()
      Description copied from interface: PBES2JWK

      Returns the password encoded as Base64URL.

      Specified by:
      getPassword in interface PBES2JWK
      Returns:
      the Base64URL encoded password with no padding.

    • trust

      public PBES2JWK trust()
      Description copied from interface: JWK

      Trusts the key explicitly.

      This should be used with care when the authenticity of an untrusted key has been established through external means.

      Specified by:
      trust in interface JWK
      Specified by:
      trust in interface PBES2JWK
      Specified by:
      trust in interface SymmetricJWK
      Returns:
      this JWK

    • toSecretKey

      public Optional<SecretKey> toSecretKey() throws JWKProcessingException
      Description copied from interface: SymmetricJWK

      Converts the JWK to its corresponding secret key.

      Specified by:
      toSecretKey in interface SymmetricJWK
      Returns:
      an optional containing the secret key or an empty optional if the key does not contain secret information
      Throws:
      JWKProcessingException - if there was an error converting the JWK to a secret key

    • toPublicJWK

      public PBES2JWK toPublicJWK()
      Description copied from interface: JWK

      Returns a public and safe to share representation of the key.

      Specified by:
      toPublicJWK in interface JWK
      Specified by:
      toPublicJWK in interface PBES2JWK
      Specified by:
      toPublicJWK in interface SymmetricJWK
      Returns:
      a public representation of this JWK

    • minify

      public PBES2JWK minify()
      Description copied from interface: JWK

      Returns a minified representation of the key only containing required data.

      Note that the returned JWK may contain private data.

      Specified by:
      minify in interface JWK
      Specified by:
      minify in interface PBES2JWK
      Returns:
      a minified representation of this JWK

    • toJWKThumbprint

      public String toJWKThumbprint(MessageDigest digest)
      Description copied from interface: JWK

      Generates and returns the JWK thumbprint using the specified digest.

      Specified by:
      toJWKThumbprint in interface JWK
      Parameters:
      digest - the message digest to use
      Returns:
      the JWK thumbprint

    • supportsAlgorithm

      public boolean supportsAlgorithm(String alg)
      Description copied from interface: JWK

      Determines whether the JWK supports the specified JWA algorithm.

      Specified by:
      supportsAlgorithm in interface JWK
      Parameters:
      alg - a JWA algorithm
      Returns:
      true if the algorithm is supported, false otherwise

    • keyManager

      public JWAKeyManager keyManager() throws JWKProcessingException
      Description copied from interface: JWK

      Returns a key manager using this JWK.

      Specified by:
      keyManager in interface JWK
      Overrides:
      keyManager in class AbstractJWK
      Returns:
      a key manager
      Throws:
      JWKProcessingException - if the JWK does not support key management operations (i.e. missing algorithm, algorithm is not a key management algorithm...)

    • keyManager

      public JWAKeyManager keyManager(String alg) throws JWKProcessingException
      Description copied from interface: JWK

      Returns a key manager using this JWK and the specified algorithm.

      Specified by:
      keyManager in interface JWK
      Overrides:
      keyManager in class AbstractJWK
      Parameters:
      alg - a JWA key management algorithm
      Returns:
      a key manager
      Throws:
      JWKProcessingException - if the JWK does not support key management operations or if the specified algorithm is not a supported key management algorithm

    • checkKeyManagement

      protected void checkKeyManagement(JWAAlgorithm<?> algorithm) throws JWAKeyManagerException
      Description copied from class: AbstractJWK

      Checks that the key and the specified algorithm supports key management operations.

      Overrides:
      checkKeyManagement in class AbstractJWK
      Parameters:
      algorithm - a JWA algorithm
      Throws:
      JWAKeyManagerException

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface JWK
      Overrides:
      hashCode in class AbstractJWK

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface JWK
      Overrides:
      equals in class AbstractJWK