RSA_OAEP_SHA2 (Nimbus JOSE + JWT v9.16-preview.1)

java.lang.Object
- com.nimbusds.jose.crypto.impl.RSA_OAEP_SHA2

```
@ThreadSafe
public class RSA_OAEP_SHA2
extends Object
```
RSAES OAEP with SHA-256, SHA-384 and SHA-512 methods for Content Encryption Key (CEK) encryption and decryption. This class is thread-safe.

Version:

2021-09-24

Author:

Vladimir Dzhuvinov, Justin Richer, Peter Laurina

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static SecretKey`	`decryptCEK(PrivateKey priv, byte[] encryptedCEK, int shaBitSize, Provider provider)` Decrypts the specified encrypted Content Encryption Key (CEK).
`static byte[]`	`encryptCEK(RSAPublicKey pub, SecretKey cek, int shaBitSize, Provider provider)` Encrypts the specified Content Encryption Key (CEK).

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - encryptCEK
```
public static byte[] encryptCEK(RSAPublicKey pub,
                                SecretKey cek,
                                int shaBitSize,
                                Provider provider)
                         throws JOSEException
```
    Encrypts the specified Content Encryption Key (CEK).
    
    Parameters:
    
    pub - The public RSA key. Must not be null.
    
    cek - The Content Encryption Key (CEK) to encrypt. Must not be null.
    
    shaBitSize - The SHA-2 bit size. Must be 256, 384 or 512.
    
    provider - The JCA provider, or null to use the default one.
    
    Returns:
    
    The encrypted Content Encryption Key (CEK).
    
    Throws:
    
    JOSEException - If encryption failed.
  - decryptCEK
```
public static SecretKey decryptCEK(PrivateKey priv,
                                   byte[] encryptedCEK,
                                   int shaBitSize,
                                   Provider provider)
                            throws JOSEException
```
    Decrypts the specified encrypted Content Encryption Key (CEK).
    
    Parameters:
    
    priv - The private RSA key. Must not be null.
    
    encryptedCEK - The encrypted Content Encryption Key (CEK) to decrypt. Must not be null.
    
    shaBitSize - The SHA-2 bit size. Must be 256 or 512.
    
    provider - The JCA provider, or null to use the default one.
    
    Returns:
    
    The decrypted Content Encryption Key (CEK).
    
    Throws:
    
    JOSEException - If decryption failed.

Class RSA_OAEP_SHA2

Method Summary

Methods inherited from class java.lang.Object

Method Detail

encryptCEK

decryptCEK