Modifier and Type | Class and Description |
---|---|
static class |
ECDH.AlgorithmMode
Enumeration of the Elliptic Curve Diffie-Hellman Ephemeral Static
algorithm modes.
|
Modifier and Type | Method and Description |
---|---|
static SecretKey |
deriveSharedKey(JWEHeader header,
SecretKey Z,
ConcatKDF concatKDF)
Derives a shared key (via concat KDF).
|
static SecretKey |
deriveSharedSecret(ECPublicKey publicKey,
PrivateKey privateKey,
Provider provider)
Derives a shared secret (also called 'Z') from the specified ECDH
key agreement.
|
static SecretKey |
deriveSharedSecret(OctetKeyPair publicKey,
OctetKeyPair privateKey)
Derives a shared secret (also called 'Z') from the specified ECDH
key agreement.
|
static ECDH.AlgorithmMode |
resolveAlgorithmMode(JWEAlgorithm alg)
Resolves the ECDH algorithm mode.
|
static int |
sharedKeyLength(JWEAlgorithm alg,
EncryptionMethod enc)
Returns the bit length of the shared key (derived via concat KDF)
for the specified JWE ECDH algorithm.
|
public static ECDH.AlgorithmMode resolveAlgorithmMode(JWEAlgorithm alg) throws JOSEException
alg
- The JWE algorithm. Must be supported and not
null
.JOSEException
- If the JWE algorithm is not supported.public static int sharedKeyLength(JWEAlgorithm alg, EncryptionMethod enc) throws JOSEException
alg
- The JWE ECDH algorithm. Must be supported and not
null
.enc
- The encryption method. Must be supported} and not
null
.JOSEException
- If the JWE algorithm or encryption method is
not supported.public static SecretKey deriveSharedSecret(ECPublicKey publicKey, PrivateKey privateKey, Provider provider) throws JOSEException
publicKey
- The public EC key, i.e. the consumer's public EC
key on encryption, or the ephemeral public EC key
on decryption. Must not be null
.privateKey
- The private EC Key, i.e. the ephemeral private EC
key on encryption, or the consumer's private EC
key on decryption. Must not be null
.provider
- The specific JCA provider for the ECDH key
agreement, null
to use the default one.JOSEException
- If derivation of the shared secret failed.public static SecretKey deriveSharedSecret(OctetKeyPair publicKey, OctetKeyPair privateKey) throws JOSEException
publicKey
- The public OKP key, i.e. the consumer's public EC
key on encryption, or the ephemeral public EC key
on decryption. Must not be null
.privateKey
- The private OKP key, i.e. the ephemeral private EC
key on encryption, or the consumer's private EC
key on decryption. Must not be null
.JOSEException
- If derivation of the shared secret failed.public static SecretKey deriveSharedKey(JWEHeader header, SecretKey Z, ConcatKDF concatKDF) throws JOSEException
header
- The JWE header. Its algorithm and encryption method
must be supported. Must not be null
.Z
- The derived shared secret ('Z'). Must not be
null
.concatKDF
- The concat KDF. Must be initialised and not
null
.JOSEException
- If derivation of the shared key failed.Copyright © 2020 Connect2id Ltd.. All rights reserved.