Module io.inverno.mod.security.jose

Package io.inverno.mod.security.jose.internal.jwk.rsa

Class GenericRSAJWKBuilder

java.lang.Object

io.inverno.mod.security.jose.internal.jwk.AbstractJWKBuilder<C,D>

io.inverno.mod.security.jose.internal.jwk.AbstractX509JWKBuilder<RSAPublicKey,RSAPrivateKey,GenericRSAJWK,GenericRSAJWKBuilder>

io.inverno.mod.security.jose.internal.jwk.rsa.GenericRSAJWKBuilder

All Implemented Interfaces:

JWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>, RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>, X509JWKBuilder<RSAPublicKey,RSAPrivateKey,GenericRSAJWK,GenericRSAJWKBuilder>, Cloneable

public class GenericRSAJWKBuilder
extends AbstractX509JWKBuilder<RSAPublicKey,RSAPrivateKey,GenericRSAJWK,GenericRSAJWKBuilder>
implements RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Generic RSA JSON Web Key builder implementation.

Since:

1.5

Author:

Jeremy Kuhn

Field Summary

Fields inherited from class io.inverno.mod.security.jose.internal.jwk.AbstractX509JWKBuilder

certificate, certPathValidator, keyTrusted, urlResolver, x5c, x5t, x5t_S256, x5u

Fields inherited from class io.inverno.mod.security.jose.internal.jwk.AbstractJWKBuilder

alg, configuration, jwkStore, key, key_ops, keyResolver, kid, use

Constructor Summary

Constructors

Constructor	Description
GenericRSAJWKBuilder(JOSEConfiguration configuration, JWKStore jwkStore, JWKKeyResolver keyResolver, JWKURLResolver urlResolver, X509JWKCertPathValidator certPathValidator)	Creates a generic RSA JWK builder.
GenericRSAJWKBuilder(JOSEConfiguration configuration, JWKStore jwkStore, JWKKeyResolver keyResolver, JWKURLResolver urlResolver, X509JWKCertPathValidator certPathValidator, Map<String,Object> parameters)	Creates a generic RSA JWK builder initialized with the specified parameters map.

Method Summary

Modifier and Type	Method	Description
GenericRSAJWKBuilder	algorithm(String alg)	Specifies the algorithm intended for use with the key.
protected reactor.core.publisher.Mono<GenericRSAJWK>	doBuild()	Builds the JWK after all checks and processing have terminated successfully.
GenericRSAJWKBuilder	firstCoefficient(String qi)	Specifies the first coefficient encoded as Base64URL.
GenericRSAJWKBuilder	firstFactorExponent(String dp)	Specifies the first factor exponent encoded as Base64URL.
GenericRSAJWKBuilder	firstPrimeFactor(String p)	Specifies the first prime factor encoded as Base64URL.
GenericRSAJWKBuilder	modulus(String n)	Specifies the modulus encoded as Base64URL.
GenericRSAJWKBuilder	otherPrimeInfo(String primeFactor, String exponent, String coefficient)	Specifies a prime info to add to the definition of the key.
GenericRSAJWKBuilder	privateExponent(String d)	Specifies the private exponent encoded as Base64URL.
GenericRSAJWKBuilder	publicExponent(String e)	Specifies the public exponent encoded as Base64URL.
protected reactor.core.publisher.Mono<Void>	resolve()	Resolves the JWK to build.
protected reactor.core.publisher.Mono<Void>	resolveCertificate(X509Certificate certificate)	Resolves the specified certificate into the builder.
protected reactor.core.publisher.Mono<JWK>	resolveFromJWKStore()	Tries to resolve the JWK from the JWK store.
protected reactor.core.publisher.Mono<Void>	resolveKey(Key key)	Resolves the specified key into the builder.
GenericRSAJWKBuilder	secondFactorExponent(String dq)	Specifies the second factor exponent encoded as Base64URL.
GenericRSAJWKBuilder	secondPrimeFactor(String q)	Specifies the second prime factor encoded as Base64URL.
protected void	set(String field, Object value)	Sets the specified parameter into the builder.

Methods inherited from class io.inverno.mod.security.jose.internal.jwk.AbstractX509JWKBuilder

x509CertificateChain, x509CertificateSHA1Thumbprint, x509CertificateSHA256Thumbprint, x509CertificateURL

Methods inherited from class io.inverno.mod.security.jose.internal.jwk.AbstractJWKBuilder

build, keyId, keyOperations, publicKeyUse

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.inverno.mod.security.jose.jwk.JWKBuilder

build, keyId, keyOperations, publicKeyUse

Methods inherited from interface io.inverno.mod.security.jose.jwk.X509JWKBuilder

x509CertificateChain, x509CertificateSHA1Thumbprint, x509CertificateSHA256Thumbprint, x509CertificateURL

Constructor Details

GenericRSAJWKBuilder

public GenericRSAJWKBuilder(JOSEConfiguration configuration,
 JWKStore jwkStore,
 JWKKeyResolver keyResolver,
 JWKURLResolver urlResolver,
 X509JWKCertPathValidator certPathValidator)

Creates a generic RSA JWK builder.

Parameters:

configuration - the JOSE module configuration

jwkStore - a JWK store

keyResolver - a JWK key resolver

urlResolver - a JWK URL resolver

certPathValidator - an X.509 certificate path validator

GenericRSAJWKBuilder

public GenericRSAJWKBuilder(JOSEConfiguration configuration,
 JWKStore jwkStore,
 JWKKeyResolver keyResolver,
 JWKURLResolver urlResolver,
 X509JWKCertPathValidator certPathValidator,
 Map<String,Object> parameters)
                     throws JWKReadException

Creates a generic RSA JWK builder initialized with the specified parameters map.

Parameters:

configuration - the JOSE module configuration

jwkStore - a JWK store

keyResolver - a JWK key resolver

urlResolver - a JWK URL resolver

certPathValidator - an X.509 certificate path validator

parameters - a parameters map used to initialize the builder

Throws:

JWKReadException - if there was an error reading the parameters map

Method Details

set

protected void set(String field,
 Object value)
            throws JWKReadException

Description copied from class: AbstractX509JWKBuilder

Sets the specified parameter into the builder.

Unsupported parameters are ignored.

Overrides:

set in class AbstractX509JWKBuilder<RSAPublicKey,RSAPrivateKey,GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

field - the parameter name

value - the parameter value

Throws:

JWKReadException - if there was an error reading the value

algorithm

public GenericRSAJWKBuilder algorithm(String alg)

Description copied from interface: JWKBuilder

Specifies the algorithm intended for use with the key.

Specified by:

algorithm in interface JWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Overrides:

algorithm in class AbstractJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

alg - a JWA algorithm

Returns:

this builder

modulus

public GenericRSAJWKBuilder modulus(String n)

Description copied from interface: RSAJWKBuilder

Specifies the modulus encoded as Base64URL.

Specified by:

modulus in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

n - the Base64URL encoded modulus with no padding

Returns:

this builder

publicExponent

public GenericRSAJWKBuilder publicExponent(String e)

Description copied from interface: RSAJWKBuilder

Specifies the public exponent encoded as Base64URL.

Specified by:

publicExponent in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

e - the Base64URL encoded public exponent with no padding

Returns:

this builder

privateExponent

public GenericRSAJWKBuilder privateExponent(String d)

Description copied from interface: RSAJWKBuilder

Specifies the private exponent encoded as Base64URL.

Specified by:

privateExponent in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

d - the Base64URL encoded private exponent with no padding

Returns:

this builder

firstPrimeFactor

public GenericRSAJWKBuilder firstPrimeFactor(String p)

Description copied from interface: RSAJWKBuilder

Specifies the first prime factor encoded as Base64URL.

Specified by:

firstPrimeFactor in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

p - the Base64URL encoded first prime factor with no padding

Returns:

this builder

secondPrimeFactor

public GenericRSAJWKBuilder secondPrimeFactor(String q)

Description copied from interface: RSAJWKBuilder

Specifies the second prime factor encoded as Base64URL.

Specified by:

secondPrimeFactor in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

q - the Base64URL encoded second prime factor with no padding

Returns:

this builder

firstFactorExponent

public GenericRSAJWKBuilder firstFactorExponent(String dp)

Description copied from interface: RSAJWKBuilder

Specifies the first factor exponent encoded as Base64URL.

Specified by:

firstFactorExponent in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

dp - the Base64URL encoded first factor exponent with no padding

Returns:

this builder

secondFactorExponent

public GenericRSAJWKBuilder secondFactorExponent(String dq)

Description copied from interface: RSAJWKBuilder

Specifies the second factor exponent encoded as Base64URL.

Specified by:

secondFactorExponent in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

dq - the Base64URL encoded second factor exponent with no padding

Returns:

this builder

firstCoefficient

public GenericRSAJWKBuilder firstCoefficient(String qi)

Description copied from interface: RSAJWKBuilder

Specifies the first coefficient encoded as Base64URL.

Specified by:

firstCoefficient in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

qi - the Base64URL encoded first coefficient with no padding

Returns:

this builder

otherPrimeInfo

public GenericRSAJWKBuilder otherPrimeInfo(String primeFactor,
 String exponent,
 String coefficient)

Description copied from interface: RSAJWKBuilder

Specifies a prime info to add to the definition of the key.

Specified by:

otherPrimeInfo in interface RSAJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

primeFactor - the Base64URL encoded other prime info prime factor with no padding

exponent - the Base64URL encoded other prime info exponent with no padding

coefficient - the Base64URL encoded other prime info coefficient with no padding

Returns:

this builder

resolveFromJWKStore

protected reactor.core.publisher.Mono<JWK> resolveFromJWKStore()
                                                        throws JWKResolveException

Description copied from class: AbstractJWKBuilder

Tries to resolve the JWK from the JWK store.

Overrides:

resolveFromJWKStore in class AbstractX509JWKBuilder<RSAPublicKey,RSAPrivateKey,GenericRSAJWK,GenericRSAJWKBuilder>

Returns:

a single JWK publisher or an empty publisher if there's no JWK corresponding to the builder's parameters in the JWK store

Throws:

JWKResolveException - if there was an error accessing the JWK store

resolveKey

protected reactor.core.publisher.Mono<Void> resolveKey(Key key)
                                                throws JWKBuildException,
JWKResolveException,
JWKProcessingException

Description copied from class: AbstractJWKBuilder

Resolves the specified key into the builder.

This method basically verifies that the key is valid and consistent with the builder's parameters and eventually populates the builder with the key.

Specified by:

resolveKey in class AbstractJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

key - a key

Returns:

an empty single publisher which completes in error if the key is not consistent with the builder's parameters

Throws:

JWKBuildException - if there was an error building the JWK

JWKResolveException - if there was an error resolving the key

JWKProcessingException - if there was a JWK processing error

resolveCertificate

protected reactor.core.publisher.Mono<Void> resolveCertificate(X509Certificate certificate)
                                                        throws JWKBuildException,
JWKResolveException,
JWKProcessingException

Description copied from class: AbstractX509JWKBuilder

Resolves the specified certificate into the builder.

This method basically verifies that the certificate is valid and consistent with the builder's parameters and eventually populates the builder with the certificate key.

Overrides:

resolveCertificate in class AbstractX509JWKBuilder<RSAPublicKey,RSAPrivateKey,GenericRSAJWK,GenericRSAJWKBuilder>

Parameters:

certificate - a certificate

Returns:

an empty single publisher which completes in error if the resolved key is invalid or inconsistent with the builder's parameters

Throws:

JWKBuildException - if there was an error building the JWK

JWKResolveException - if there was an error resolving the certificate

JWKProcessingException - if there was a JWK processing error

resolve

protected reactor.core.publisher.Mono<Void> resolve()
                                             throws JWKBuildException,
JWKResolveException,
JWKProcessingException

Description copied from class: AbstractJWKBuilder

Resolves the JWK to build.

This method basically resolves resources such as keys or certificates and verifies that the builder's parameters are consistent.

Overrides:

resolve in class AbstractX509JWKBuilder<RSAPublicKey,RSAPrivateKey,GenericRSAJWK,GenericRSAJWKBuilder>

Returns:

an empty single publisher which completes in error if the key is not consistent with the builder's parameters

Throws:

JWKBuildException - if there was an error building the JWK

JWKResolveException - if there was an error resolving the JWK

JWKProcessingException - if there was a JWK processing error

doBuild

protected reactor.core.publisher.Mono<GenericRSAJWK> doBuild()
                                                      throws JWKBuildException,
JWKProcessingException

Description copied from class: AbstractJWKBuilder

Builds the JWK after all checks and processing have terminated successfully.

Specified by:

doBuild in class AbstractJWKBuilder<GenericRSAJWK,GenericRSAJWKBuilder>

Returns:

a single JWK publisher

Throws:

JWKBuildException - if there was an error building the JWK

JWKProcessingException - if there was a JWK processing error