Package org.apache.cxf.rs.security.jose.common

Class JoseConstants

    • Field Detail

      • RSSEC_KEY_STORE_ALIASES

        public static final String RSSEC_KEY_STORE_ALIASES
        The keystore aliases corresponding to the keys to use, when using the JSON serialization form. You can append one of the following to this tag to get the alias for more specific operations: - jws.out - jws.in
        See Also:
        Constant Field Values

      • RSSEC_ACCEPT_PUBLIC_KEY

        public static final String RSSEC_ACCEPT_PUBLIC_KEY
        Whether to allow using a JWK received in the header for signature validation. The default is "false".
        See Also:
        Constant Field Values

      • RSSEC_KEY_STORE_JWKSET

        public static final String RSSEC_KEY_STORE_JWKSET
        TODO documentation for these
        See Also:
        Constant Field Values

      • RSSEC_SIGNATURE_KEY_PSWD_PROVIDER

        public static final String RSSEC_SIGNATURE_KEY_PSWD_PROVIDER
        A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for signature. If this is not specified it falls back to use the RSSEC_KEY_PSWD_PROVIDER.
        See Also:
        Constant Field Values

      • RSSEC_EC_CURVE

        public static final String RSSEC_EC_CURVE
        The EC Curve to use with EC keys loaded from Java Key Store. JWK EC Keys are expected to use a standard "crv" property instead.
        See Also:
        Constant Field Values

      • RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY

        public static final String RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY
        Include the JWK public key for signature in the "jwk" header.
        See Also:
        Constant Field Values

      • RSSEC_SIGNATURE_INCLUDE_CERT

        public static final String RSSEC_SIGNATURE_INCLUDE_CERT
        Include the X.509 certificate for signature in the "x5c" header.
        See Also:
        Constant Field Values

      • RSSEC_SIGNATURE_INCLUDE_KEY_ID

        public static final String RSSEC_SIGNATURE_INCLUDE_KEY_ID
        Include the JWK key id for signature in the "kid" header.
        See Also:
        Constant Field Values

      • RSSEC_SIGNATURE_INCLUDE_CERT_SHA1

        public static final String RSSEC_SIGNATURE_INCLUDE_CERT_SHA1
        Include the X.509 certificate SHA-1 digest for signature in the "x5t" header.
        See Also:
        Constant Field Values

      • RSSEC_SIGNATURE_INCLUDE_CERT_SHA256

        public static final String RSSEC_SIGNATURE_INCLUDE_CERT_SHA256
        Include the X.509 certificate SHA-256 digest for signature in the "x5t#S256" header.
        See Also:
        Constant Field Values

      • RSSEC_DECRYPTION_KEY_PSWD_PROVIDER

        public static final String RSSEC_DECRYPTION_KEY_PSWD_PROVIDER
        A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for decryption. If this is not specified it falls back to use the RSSEC_KEY_PSWD_PROVIDER.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_CONTENT_ALGORITHM

        public static final String RSSEC_ENCRYPTION_CONTENT_ALGORITHM
        The encryption content algorithm to use. The default algorithm if not specified is 'A128GCM'.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_KEY_ALGORITHM

        public static final String RSSEC_ENCRYPTION_KEY_ALGORITHM
        The encryption key algorithm to use. The default algorithm if not specified is 'RSA-OAEP' if the key is an RSA key, and 'A128GCMKW' if it is an octet sequence.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_ZIP_ALGORITHM

        public static final String RSSEC_ENCRYPTION_ZIP_ALGORITHM
        The encryption zip algorithm to use.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_OUT_PROPS

        public static final String RSSEC_ENCRYPTION_OUT_PROPS
        The encryption properties file for encryption creation. If not specified then it falls back to RSSEC_ENCRYPTION_PROPS.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_IN_PROPS

        public static final String RSSEC_ENCRYPTION_IN_PROPS
        The decryption properties file for decryption. If not specified then it falls back to RSSEC_ENCRYPTION_PROPS.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_PROPS

        public static final String RSSEC_ENCRYPTION_PROPS
        The encryption/decryption properties file
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY

        public static final String RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY
        Include the JWK public key for encryption in the "jwk" header.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_INCLUDE_CERT

        public static final String RSSEC_ENCRYPTION_INCLUDE_CERT
        Include the X.509 certificate for encryption the "x5c" header.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_INCLUDE_KEY_ID

        public static final String RSSEC_ENCRYPTION_INCLUDE_KEY_ID
        Include the JWK key id for encryption in the "kid" header.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1

        public static final String RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1
        Include the X.509 certificate SHA-1 digest for encryption in the "x5t" header.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_INCLUDE_CERT_SHA256

        public static final String RSSEC_ENCRYPTION_INCLUDE_CERT_SHA256
        Include the X.509 certificate SHA-256 digest for encryption in the "x5t#S256" header.
        See Also:
        Constant Field Values

      • RSSEC_ENCRYPTION_PBES2_COUNT

        public static final String RSSEC_ENCRYPTION_PBES2_COUNT
        The value to be used for the "p2c" (PBES2 count) Header Parameter. The default is 4096.
        See Also:
        Constant Field Values

      • ENABLE_UNSIGNED_JWT_PRINCIPAL

        public static final String ENABLE_UNSIGNED_JWT_PRINCIPAL
        Whether to allow unsigned JWT tokens as SecurityContext Principals. The default is false.
        See Also:
        Constant Field Values