public interface JWEKeySelector<C extends SecurityContext>
decryption
and further
processing.
The key selection should be based on application specific criteria, such
as recognised header parameters referencing the key (e.g. kid
,
x5t
) and / or the JWE object SecurityContext
.
See JSON Web Signature (JWE), Appendix D. Notes on Key Selection for suggestions.
Possible key types:
SecretKey
for AES keys.
RSAPrivateKey
private RSA keys.
ECPrivateKey
private EC keys.
Modifier and Type | Method and Description |
---|---|
List<? extends Key> |
selectJWEKeys(JWEHeader header,
C context)
Selects key candidates for decrypting a JWE object.
|
List<? extends Key> selectJWEKeys(JWEHeader header, C context) throws KeySourceException
header
- The header of the JWE object. Must not be
null
.context
- Optional context of the JWE object, null
if
not required.KeySourceException
- If a key source exception is encountered,
e.g. on remote JWK retrieval.Copyright © 2017 Connect2id Ltd.. All rights reserved.