com.nimbusds.jose.jwk

Class OctetKeyPair

java.lang.Object

com.nimbusds.jose.jwk.JWK

com.nimbusds.jose.jwk.OctetKeyPair

All Implemented Interfaces:

AssymetricJWK, CurveBasedJWK, Serializable, net.minidev.json.JSONAware

@Immutable
public class OctetKeyPair
extends JWK
implements AssymetricJWK, CurveBasedJWK

Octet key pair JSON Web Key (JWK), used to represent Edwards-curve keys. This class is immutable.

Supported curves:

• Ed25519
• Ed448
• X25519
• X448

Example JSON object representation of a public OKP JWK:

 {
   "kty" : "OKP",
   "crv" : "Ed25519",
   "x"   : "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
   "use" : "sig",
   "kid" : "1"
 }
 

Example JSON object representation of a private OKP JWK:

 {
   "kty" : "OKP",
   "crv" : "Ed25519",
   "x"   : "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
   "d"   : "nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A"
   "use" : "sig",
   "kid" : "1"
 }
 

Use the builder to create a new OKP JWK:

 OctetKeyPair key = new OctetKeyPair.Builder(Curve.Ed25519, x)
        .keyUse(KeyUse.SIGNATURE)
        .keyID("1")
        .build();
 

Version:

2017-08-25

Author:

Vladimir Dzhuvinov

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	OctetKeyPair.Builder Builder for constructing Octet Key Pair JWKs.

Field Summary

Fields

Modifier and Type	Field and Description
static Set<Curve>	SUPPORTED_CURVES Supported Edwards curves.

Fields inherited from class com.nimbusds.jose.jwk.JWK

MIME_TYPE

Constructor Summary

Constructors

Constructor and Description
OctetKeyPair(Curve crv, Base64URL x, Base64URL d, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, Base64URL x5t256, List<Base64> x5c, KeyStore ks) Creates a new public / private Octet Key Pair JSON Web Key (JWK) with the specified parameters.
OctetKeyPair(Curve crv, Base64URL x, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, Base64URL x5t256, List<Base64> x5c, KeyStore ks) Creates a new public Octet Key Pair JSON Web Key (JWK) with the specified parameters.

Method Summary

Modifier and Type	Method and Description
Curve	getCurve() Returns the cryptographic curve.
Base64URL	getD() Gets the private 'd' parameter.
LinkedHashMap<String,?>	getRequiredParams() Returns the required JWK parameters.
Base64URL	getX() Gets the public 'x' parameter.
boolean	isPrivate() Returns true if this JWK contains private or sensitive (non-public) parameters.
static OctetKeyPair	parse(net.minidev.json.JSONObject jsonObject) Parses a public / private Octet Key Pair JWK from the specified JSON object representation.
static OctetKeyPair	parse(String s) Parses a public / private Octet Key Pair JWK from the specified JSON object string representation.
int	size() Returns the size of this JWK.
net.minidev.json.JSONObject	toJSONObject() Returns a JSON object representation of this JWK.
KeyPair	toKeyPair() Returns a Java key pair representation of this JWK.
PrivateKey	toPrivateKey() Returns a Java private key representation of this JWK.
OctetKeyPair	toPublicJWK() Returns a copy of this Octet Key Pair JWK with any private values removed.
PublicKey	toPublicKey() Returns a Java public key representation of the JWK.

Methods inherited from class com.nimbusds.jose.jwk.JWK

computeThumbprint, computeThumbprint, getAlgorithm, getKeyID, getKeyOperations, getKeyStore, getKeyType, getKeyUse, getX509CertChain, getX509CertSHA256Thumbprint, getX509CertThumbprint, getX509CertURL, load, parse, toJSONString, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

SUPPORTED_CURVES

public static final Set<Curve> SUPPORTED_CURVES

Supported Edwards curves.

Constructor Detail

OctetKeyPair

public OctetKeyPair(Curve crv,
                    Base64URL x,
                    KeyUse use,
                    Set<KeyOperation> ops,
                    Algorithm alg,
                    String kid,
                    URI x5u,
                    Base64URL x5t,
                    Base64URL x5t256,
                    List<Base64> x5c,
                    KeyStore ks)

Creates a new public Octet Key Pair JSON Web Key (JWK) with the specified parameters.

Parameters:

crv - The cryptographic curve. Must not be null.

x - The public 'x' parameter. Must not be null.

use - The key use, null if not specified or if the key is intended for signing as well as encryption.

ops - The key operations, null if not specified.

alg - The intended JOSE algorithm for the key, null if not specified.

kid - The key ID, null if not specified.

x5u - The X.509 certificate URL, null if not specified.

x5t - The X.509 certificate SHA-1 thumbprint, null if not specified.

x5t256 - The X.509 certificate SHA-256 thumbprint, null if not specified.

x5c - The X.509 certificate chain, null if not specified.

ks - Reference to the underlying key store, null if not specified.

OctetKeyPair

public OctetKeyPair(Curve crv,
                    Base64URL x,
                    Base64URL d,
                    KeyUse use,
                    Set<KeyOperation> ops,
                    Algorithm alg,
                    String kid,
                    URI x5u,
                    Base64URL x5t,
                    Base64URL x5t256,
                    List<Base64> x5c,
                    KeyStore ks)

Creates a new public / private Octet Key Pair JSON Web Key (JWK) with the specified parameters.

Parameters:

crv - The cryptographic curve. Must not be null.

x - The public 'x' parameter. Must not be null.

d - The private 'd' parameter. Must not be null.

use - The key use, null if not specified or if the key is intended for signing as well as encryption.

ops - The key operations, null if not specified.

alg - The intended JOSE algorithm for the key, null if not specified.

kid - The key ID, null if not specified.

x5u - The X.509 certificate URL, null if not specified.

x5t - The X.509 certificate SHA-1 thumbprint, null if not specified.

x5t256 - The X.509 certificate SHA-256 thumbprint, null if not specified.

x5c - The X.509 certificate chain, null if not specified.

ks - Reference to the underlying key store, null if not specified.

Method Detail

getCurve

public Curve getCurve()

Description copied from interface: CurveBasedJWK

Returns the cryptographic curve.

Specified by:

getCurve in interface CurveBasedJWK

Returns:

The cryptographic curve.

getX

public Base64URL getX()

Gets the public 'x' parameter.

Returns:

The public 'x' parameter.

getD

public Base64URL getD()

Gets the private 'd' parameter.

Returns:

The private 'd' coordinate, null if not specified (for a public key).

toPublicKey

public PublicKey toPublicKey()
                      throws JOSEException

Description copied from interface: AssymetricJWK

Returns a Java public key representation of the JWK.

Specified by:

toPublicKey in interface AssymetricJWK

Returns:

The Java public key.

Throws:

JOSEException - If conversion failed or is not supported.

toPrivateKey

public PrivateKey toPrivateKey()
                        throws JOSEException

Description copied from interface: AssymetricJWK

Returns a Java private key representation of this JWK.

Specified by:

toPrivateKey in interface AssymetricJWK

Returns:

The Java private key, null if not specified.

Throws:

JOSEException - If conversion failed or is not supported.

toKeyPair

public KeyPair toKeyPair()
                  throws JOSEException

Description copied from interface: AssymetricJWK

Returns a Java key pair representation of this JWK.

Specified by:

toKeyPair in interface AssymetricJWK

Returns:

The Java key pair. The private key will be null if not specified.

Throws:

JOSEException - If conversion failed or is not supported.

getRequiredParams

public LinkedHashMap<String,?> getRequiredParams()

Description copied from class: JWK

Returns the required JWK parameters. Intended as input for JWK thumbprint computation. See RFC 7638 for more information.

Specified by:

getRequiredParams in class JWK

Returns:

The required JWK parameters, sorted alphanumerically by key name and ready for JSON serialisation.

isPrivate

public boolean isPrivate()

Description copied from class: JWK

Returns true if this JWK contains private or sensitive (non-public) parameters.

Specified by:

isPrivate in class JWK

Returns:

true if this JWK contains private parameters, else false.

toPublicJWK

public OctetKeyPair toPublicJWK()

Returns a copy of this Octet Key Pair JWK with any private values removed.

Specified by:

toPublicJWK in class JWK

Returns:

The copied public Octet Key Pair JWK.

toJSONObject

public net.minidev.json.JSONObject toJSONObject()

Description copied from class: JWK

Returns a JSON object representation of this JWK. This method is intended to be called from extending classes.

Example:

 {
   "kty" : "RSA",
   "use" : "sig",
   "kid" : "fd28e025-8d24-48bc-a51a-e2ffc8bc274b"
 }
 

Overrides:

toJSONObject in class JWK

Returns:

The JSON object representation.

size

public int size()

Description copied from class: JWK

Returns the size of this JWK.

Specified by:

size in class JWK

Returns:

The JWK size, in bits.

parse

public static OctetKeyPair parse(String s)
                          throws ParseException

Parses a public / private Octet Key Pair JWK from the specified JSON object string representation.

Parameters:

s - The JSON object string to parse. Must not be null.

Returns:

The public / private Octet Key Pair JWK.

Throws:

ParseException - If the string couldn't be parsed to an Octet Key Pair JWK.

parse

public static OctetKeyPair parse(net.minidev.json.JSONObject jsonObject)
                          throws ParseException

Parses a public / private Octet Key Pair JWK from the specified JSON object representation.

Parameters:

jsonObject - The JSON object to parse. Must not be null.

Returns:

The public / private Octet Key Pair JWK.

Throws:

ParseException - If the JSON object couldn't be parsed to an Octet Key Pair JWK.