|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.nimbusds.jose.jwk.JWK com.nimbusds.jose.jwk.RSAKey
@Immutable public final class RSAKey
Public and private RSA
JSON Web Key (JWK). This class is
immutable.
Provides RSA JWK import from / export to the following standard Java interfaces and classes:
java.security.interfaces.RSAPublicKey
java.security.interfaces.RSAPrivateKey
java.security.interfaces.RSAPrivateCrtKey
java.security.interfaces.RSAMultiPrimePrivateCrtKey
java.security.KeyPair
Example JSON object representation of a public RSA JWK:
{ "kty" : "RSA", "n" : "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx 4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2 QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", "e" : "AQAB", "alg" : "RS256", "kid" : "2011-04-29" }
Example JSON object representation of a public and private RSA JWK (with both the first and the second private key representations):
{ "kty" : "RSA", "n" : "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx 4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2 QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", "e" : "AQAB", "d" : "X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9 M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqij wp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d _cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBz nbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFz me1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q", "p" : "83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPV nwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqV WlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs", "q" : "3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyum qjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgx kIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk", "dp" : "G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oim YwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_Nmtu YZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0", "dq" : "s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUU vMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9 GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk", "qi" : "GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzg UIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rx yR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU", "alg" : "RS256", "kid" : "2011-04-29" }
See RFC 3447.
See http://en.wikipedia.org/wiki/RSA_%28algorithm%29
Nested Class Summary | |
---|---|
static class |
RSAKey.OtherPrimesInfo
Other Primes Info, represents the private oth parameter of a
RSA JWK. |
Constructor Summary | |
---|---|
RSAKey(Base64URL n,
Base64URL e,
Base64URL d,
Base64URL p,
Base64URL q,
Base64URL dp,
Base64URL dq,
Base64URL qi,
List<RSAKey.OtherPrimesInfo> oth,
Use use,
Algorithm alg,
String kid)
Creates a new public / private RSA JSON Web Key (JWK) with the specified parameters. |
|
RSAKey(Base64URL n,
Base64URL e,
Base64URL p,
Base64URL q,
Base64URL dp,
Base64URL dq,
Base64URL qi,
List<RSAKey.OtherPrimesInfo> oth,
Use use,
Algorithm alg,
String kid)
Creates a new public / private RSA JSON Web Key (JWK) with the specified parameters. |
|
RSAKey(Base64URL n,
Base64URL e,
Base64URL d,
Use use,
Algorithm alg,
String kid)
Creates a new public / private RSA JSON Web Key (JWK) with the specified parameters. |
|
RSAKey(Base64URL n,
Base64URL e,
Use use,
Algorithm alg,
String kid)
Creates a new public RSA JSON Web Key (JWK) with the specified parameters. |
|
RSAKey(RSAPublicKey pub,
RSAMultiPrimePrivateCrtKey priv,
Use use,
Algorithm alg,
String kid)
Creates a new public / private RSA JSON Web Key (JWK) with the specified parameters. |
|
RSAKey(RSAPublicKey pub,
RSAPrivateCrtKey priv,
Use use,
Algorithm alg,
String kid)
Creates a new public / private RSA JSON Web Key (JWK) with the specified parameters. |
|
RSAKey(RSAPublicKey pub,
RSAPrivateKey priv,
Use use,
Algorithm alg,
String kid)
Creates a new public / private RSA JSON Web Key (JWK) with the specified parameters. |
|
RSAKey(RSAPublicKey pub,
Use use,
Algorithm alg,
String kid)
Creates a new public RSA JSON Web Key (JWK) with the specified parameters. |
Method Summary | |
---|---|
Base64URL |
getFirstCRTCoefficient()
Returns the first Chinese Remainder Theorem (CRT) coefficient ( qi )} of the private RSA key. |
Base64URL |
getFirstFactorCRTExponent()
Returns the first factor Chinese Remainder Theorem (CRT) exponent ( dp ) of the private RSA key. |
Base64URL |
getFirstPrimeFactor()
Returns the first prime factor ( p ) of the private RSA key. |
Base64URL |
getModulus()
Returns the modulus value ( n ) of the RSA key. |
List<RSAKey.OtherPrimesInfo> |
getOtherPrimes()
Returns the other primes information ( oth ) for the private
RSA key, should they exist. |
Base64URL |
getPrivateExponent()
Returns the private exponent ( d ) of the RSA key. |
Base64URL |
getPublicExponent()
Returns the public exponent ( e ) of the RSA key. |
Base64URL |
getSecondFactorCRTExponent()
Returns the second factor Chinese Remainder Theorem (CRT) exponent ( dq ) of the private RSA key. |
Base64URL |
getSecondPrimeFactor()
Returns the second prime factor ( q ) of the private RSA key. |
boolean |
isPrivate()
Returns true if this JWK contains private or sensitive
(non-public) parameters. |
static RSAKey |
parse(net.minidev.json.JSONObject jsonObject)
Parses a public / private RSA JWK from the specified JSON object representation. |
static RSAKey |
parse(String s)
Parses a public / private RSA Curve JWK from the specified JSON object string representation. |
net.minidev.json.JSONObject |
toJSONObject()
Returns a JSON object representation of this JWK. |
KeyPair |
toKeyPair()
Returns a standard java.security.KeyPair representation of
this RSA JWK. |
RSAKey |
toPublicJWK()
Returns a copy of this RSA JWK with any private values removed. |
RSAPrivateKey |
toRSAPrivateKey()
Returns a standard java.security.interfaces.RSAPrivateKey
representation of this RSA JWK. |
RSAPublicKey |
toRSAPublicKey()
Returns a standard java.security.interfaces.RSAPublicKey
representation of this RSA JWK. |
Methods inherited from class com.nimbusds.jose.jwk.JWK |
---|
getAlgorithm, getKeyID, getKeyType, getKeyUse, parseAlgorithm, parseKeyID, parseKeyUse, toJSONString, toString |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Constructor Detail |
---|
public RSAKey(Base64URL n, Base64URL e, Use use, Algorithm alg, String kid)
n
- The the modulus value for the public RSA key. It is
represented as the Base64URL encoding of value's big
endian representation. Must not be null
.e
- The exponent value for the public RSA key. It is
represented as the Base64URL encoding of value's big
endian representation. Must not be null
.use
- The key use, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if
not specified.kid
- The key ID. null
if not specified.public RSAKey(Base64URL n, Base64URL e, Base64URL d, Use use, Algorithm alg, String kid)
n
- The the modulus value for the public RSA key. It is
represented as the Base64URL encoding of value's big
endian representation. Must not be null
.e
- The exponent value for the public RSA key. It is
represented as the Base64URL encoding of value's big
endian representation. Must not be null
.d
- The private exponent. It is represented as the Base64URL
encoding of the value's big endian representation. Must
not be null
.use
- The key use, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if
not specified.kid
- The key ID. null
if not specified.public RSAKey(Base64URL n, Base64URL e, Base64URL p, Base64URL q, Base64URL dp, Base64URL dq, Base64URL qi, List<RSAKey.OtherPrimesInfo> oth, Use use, Algorithm alg, String kid)
n
- The the modulus value for the public RSA key. It is
represented as the Base64URL encoding of value's big
endian representation. Must not be null
.e
- The exponent value for the public RSA key. It is
represented as the Base64URL encoding of value's big
endian representation. Must not be null
.p
- The first prime factor. It is represented as the
Base64URL encoding of the value's big endian
representation. Must not be null
.q
- The second prime factor. It is represented as the
Base64URL encoding of the value's big endian
representation. Must not be null
.dp
- The first factor Chinese Remainder Theorem exponent. It
is represented as the Base64URL encoding of the value's
big endian representation. Must not be null
.dq
- The second factor Chinese Remainder Theorem exponent. It
is represented as the Base64URL encoding of the value's
big endian representation. Must not be null
.qi
- The first Chinese Remainder Theorem coefficient. It is
represented as the Base64URL encoding of the value's big
endian representation. Must not be null
.oth
- The other primes information, should they exist,
null
or an empty list if not specified.use
- The key use, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if
not specified.kid
- The key ID. null
if not specified.public RSAKey(Base64URL n, Base64URL e, Base64URL d, Base64URL p, Base64URL q, Base64URL dp, Base64URL dq, Base64URL qi, List<RSAKey.OtherPrimesInfo> oth, Use use, Algorithm alg, String kid)
A valid first private RSA key representation must specify the
d
.
A valid second private RSA key representation must specify all
required Chinese Remained Theorem (CRT) parameters - p
,
q
, dp
, dq
and qi
, else an
IllegalArgumentException
will be thrown.
n
- The the modulus value for the public RSA key. It is
represented as the Base64URL encoding of value's big
endian representation. Must not be null
.e
- The exponent value for the public RSA key. It is
represented as the Base64URL encoding of value's big
endian representation. Must not be null
.d
- The private exponent. It is represented as the Base64URL
encoding of the value's big endian representation. May
be null
.p
- The first prime factor. It is represented as the
Base64URL encoding of the value's big endian
representation. May be null
.q
- The second prime factor. It is represented as the
Base64URL encoding of the value's big endian
representation. May be null
.dp
- The first factor Chinese Remainder Theorem exponent. It
is represented as the Base64URL encoding of the value's
big endian representation. May be null
.dq
- The second factor Chinese Remainder Theorem exponent. It
is represented as the Base64URL encoding of the value's
big endian representation. May be null
.qi
- The first Chinese Remainder Theorem coefficient. It is
represented as the Base64URL encoding of the value's big
endian representation. May be null
.oth
- The other primes information, should they exist,
null
or an empty list if not specified.use
- The key use, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if
not specified.kid
- The key ID. null
if not specified.public RSAKey(RSAPublicKey pub, Use use, Algorithm alg, String kid)
pub
- The public RSA key to represent. Must not be
null
.use
- The key use, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if
not specified.kid
- The key ID. null
if not specified.public RSAKey(RSAPublicKey pub, RSAPrivateKey priv, Use use, Algorithm alg, String kid)
pub
- The public RSA key to represent. Must not be
null
.priv
- The private RSA key to represent. Must not be
null
.use
- The key use, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if
not specified.kid
- The key ID. null
if not specified.public RSAKey(RSAPublicKey pub, RSAPrivateCrtKey priv, Use use, Algorithm alg, String kid)
pub
- The public RSA key to represent. Must not be
null
.priv
- The private RSA key to represent. Must not be
null
.use
- The key use, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if
not specified.kid
- The key ID. null
if not specified.public RSAKey(RSAPublicKey pub, RSAMultiPrimePrivateCrtKey priv, Use use, Algorithm alg, String kid)
pub
- The public RSA key to represent. Must not be
null
.priv
- The private RSA key to represent. Must not be
null
.use
- The key use, null
if not specified.alg
- The intended JOSE algorithm for the key, null
if
not specified.kid
- The key ID. null
if not specified.Method Detail |
---|
public Base64URL getModulus()
n
) of the RSA key. It is
represented as the Base64URL encoding of the value's big endian
representation.
public Base64URL getPublicExponent()
e
) of the RSA key. It is
represented as the Base64URL encoding of the value's big endian
representation.
public Base64URL getPrivateExponent()
d
) of the RSA key. It is
represented as the Base64URL encoding of the value's big endian
representation.
null
if not specified.public Base64URL getFirstPrimeFactor()
p
) of the private RSA key.
It is represented as the Base64URL encoding of the value's big
endian representation.
null
if not specified.public Base64URL getSecondPrimeFactor()
q
) of the private RSA key.
It is represented as the Base64URL encoding of the value's big
endian representation.
null
if not specified.public Base64URL getFirstFactorCRTExponent()
dp
) of the private RSA key. It is represented as the
Base64URL encoding of the value's big endian representation.
null
if not
specified.public Base64URL getSecondFactorCRTExponent()
dq
) of the private RSA key. It is represented as the
Base64URL encoding of the value's big endian representation.
null
if not
specified.public Base64URL getFirstCRTCoefficient()
qi
)} of the private RSA key. It is represented as the
Base64URL encoding of the value's big endian representation.
null
if not
specified.public List<RSAKey.OtherPrimesInfo> getOtherPrimes()
oth
) for the private
RSA key, should they exist.
null
or empty list
if not specified.public RSAPublicKey toRSAPublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException
java.security.interfaces.RSAPublicKey
representation of this RSA JWK.
NoSuchAlgorithmException
- If RSA is not supported by the
underlying Java Cryptography (JCA)
provider.
InvalidKeySpecException
- If the JWK key parameters are
invalid for a public RSA key.public RSAPrivateKey toRSAPrivateKey() throws NoSuchAlgorithmException, InvalidKeySpecException
java.security.interfaces.RSAPrivateKey
representation of this RSA JWK.
null
if not specified by this
JWK.
NoSuchAlgorithmException
- If RSA is not supported by the
underlying Java Cryptography (JCA)
provider.
InvalidKeySpecException
- If the JWK key parameters are
invalid for a private RSA key.public KeyPair toKeyPair() throws NoSuchAlgorithmException, InvalidKeySpecException
java.security.KeyPair
representation of
this RSA JWK.
null
if not specified.
NoSuchAlgorithmException
- If RSA is not supported by the
underlying Java Cryptography (JCA)
provider.
InvalidKeySpecException
- If the JWK key parameters are
invalid for a public and / or
private RSA key.public boolean isPrivate()
JWK
true
if this JWK contains private or sensitive
(non-public) parameters.
isPrivate
in class JWK
true
if this JWK contains private parameters, else
false
.public RSAKey toPublicJWK()
toPublicJWK
in class JWK
public net.minidev.json.JSONObject toJSONObject()
JWK
Example:
{ "kty" : "RSA", "use" : "sig", "kid" : "fd28e025-8d24-48bc-a51a-e2ffc8bc274b" }
toJSONObject
in class JWK
public static RSAKey parse(String s) throws ParseException
s
- The JSON object string to parse. Must not be null
.
ParseException
- If the string couldn't be parsed to an RSA
JWK.public static RSAKey parse(net.minidev.json.JSONObject jsonObject) throws ParseException
jsonObject
- The JSON object to parse. Must not be
ParseException
- If the JSON object couldn't be parsed to an
RSA JWK.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |