Package com.nimbusds.jose.crypto

Class RSADecrypter

java.lang.Object

com.nimbusds.jose.crypto.impl.RSACryptoProvider

com.nimbusds.jose.crypto.RSADecrypter

All Implemented Interfaces:

CriticalHeaderParamsAware, JCAAware<JWEJCAContext>, JOSEProvider, JWEDecrypter, JWEProvider

@ThreadSafe
public class RSADecrypter
extends RSACryptoProvider
implements JWEDecrypter, CriticalHeaderParamsAware

RSA decrypter of JWE objects. Expects a private RSA key.

Decrypts the encrypted Content Encryption Key (CEK) with the private RSA key, and then uses the CEK along with the IV and authentication tag to decrypt the cipher text. See RFC 7518, sections 4.2 and 4.3 for more information.

This class is thread-safe.

Supports the following key management algorithms:

• JWEAlgorithm.RSA_OAEP_256
• JWEAlgorithm.RSA_OAEP_384
• JWEAlgorithm.RSA_OAEP_512
• JWEAlgorithm.RSA_OAEP (deprecated)
• JWEAlgorithm.RSA1_5 (deprecated)

Supports the following content encryption algorithms:

• EncryptionMethod.A128CBC_HS256
• EncryptionMethod.A192CBC_HS384
• EncryptionMethod.A256CBC_HS512
• EncryptionMethod.A128GCM
• EncryptionMethod.A192GCM
• EncryptionMethod.A256GCM
• EncryptionMethod.A128CBC_HS256_DEPRECATED
• EncryptionMethod.A256CBC_HS512_DEPRECATED
• EncryptionMethod.XC20P

Version:

2021-09-23

Author:

David Ortiz, Vladimir Dzhuvinov, Dimitar A. Stoikov

Field Summary

Fields inherited from class com.nimbusds.jose.crypto.impl.RSACryptoProvider

SUPPORTED_ALGORITHMS, SUPPORTED_ENCRYPTION_METHODS

Constructor Summary

Constructors

Constructor	Description
RSADecrypter(RSAKey rsaJWK)	Creates a new RSA decrypter.
RSADecrypter(PrivateKey privateKey)	Creates a new RSA decrypter.
RSADecrypter(PrivateKey privateKey, Set<String> defCritHeaders)	Creates a new RSA decrypter.
RSADecrypter(PrivateKey privateKey, Set<String> defCritHeaders, boolean allowWeakKey)	Creates a new RSA decrypter.

Method Summary

Modifier and Type	Method	Description
byte[]	decrypt(JWEHeader header, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag)	Decrypts the specified cipher text of a JWE Object.
Exception	getCEKDecryptionException()	Returns the Content Encryption Key (CEK) decryption exception if one was encountered during the last decrypt(com.nimbusds.jose.JWEHeader, com.nimbusds.jose.util.Base64URL, com.nimbusds.jose.util.Base64URL, com.nimbusds.jose.util.Base64URL, com.nimbusds.jose.util.Base64URL) run.
Set<String>	getDeferredCriticalHeaderParams()	Returns the names of the critical (crit) header parameters that are deferred to the application for processing and will be ignored by the JWS verifier / JWE decrypter.
JWEJCAContext	getJCAContext()	Returns the Java Cryptography Architecture (JCA) context.
PrivateKey	getPrivateKey()	Gets the private RSA key.
Set<String>	getProcessedCriticalHeaderParams()	Returns the names of the critical (crit) header parameters that are understood and processed by the JWS verifier / JWE decrypter.
Set<EncryptionMethod>	supportedEncryptionMethods()	Returns the names of the supported encryption methods by the JWE provier.
Set<JWEAlgorithm>	supportedJWEAlgorithms()	Returns the names of the supported algorithms by the JWE provider instance.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.nimbusds.jose.jca.JCAAware

getJCAContext

Methods inherited from interface com.nimbusds.jose.JWEProvider

supportedEncryptionMethods, supportedJWEAlgorithms

Constructor Detail

RSADecrypter

public RSADecrypter(PrivateKey privateKey)

Creates a new RSA decrypter. This constructor can also accept a private RSA key located in a PKCS#11 store that doesn't expose the private key parameters (such as a smart card or HSM).

Parameters:

privateKey - The private RSA key. Its algorithm must be "RSA" and its length at least 2048 bits. Note that the length of an RSA key in a PKCS#11 store cannot be checked. Must not be null.

RSADecrypter

public RSADecrypter(RSAKey rsaJWK)
             throws JOSEException

Creates a new RSA decrypter.

Parameters:

rsaJWK - The RSA JSON Web Key (JWK). Must contain or reference a private part. Its length must be at least 2048 bits. Note that the length of an RSA key in a PKCS#11 store cannot be checked. Must not be null.

Throws:

JOSEException - If the RSA JWK doesn't contain a private part or its extraction failed.

RSADecrypter

public RSADecrypter(PrivateKey privateKey,
                    Set<String> defCritHeaders)

Creates a new RSA decrypter. This constructor can also accept a private RSA key located in a PKCS#11 store that doesn't expose the private key parameters (such as a smart card or HSM).

Parameters:

privateKey - The private RSA key. Its algorithm must be "RSA" and its length at least 2048 bits. Note that the length of an RSA key in a PKCS#11 store cannot be checked. Must not be null.

defCritHeaders - The names of the critical header parameters that are deferred to the application for processing, empty set or null if none.

RSADecrypter

public RSADecrypter(PrivateKey privateKey,
                    Set<String> defCritHeaders,
                    boolean allowWeakKey)

Creates a new RSA decrypter. This constructor can also accept a private RSA key located in a PKCS#11 store that doesn't expose the private key parameters (such as a smart card or HSM).

Parameters:

privateKey - The private RSA key. Its algorithm must be "RSA" and its length at least 2048 bits. Note that the length of an RSA key in a PKCS#11 store cannot be checked. Must not be null.

defCritHeaders - The names of the critical header parameters that are deferred to the application for processing, empty set or null if none.

allowWeakKey - true to allow an RSA key shorter than 2048 bits.

Method Detail

getPrivateKey

public PrivateKey getPrivateKey()

Gets the private RSA key.

Returns:

The private RSA key. Casting to RSAPrivateKey may not be possible if the key is located in a PKCS#11 store that doesn't expose the private key parameters.

getProcessedCriticalHeaderParams

public Set<String> getProcessedCriticalHeaderParams()

Description copied from interface: CriticalHeaderParamsAware

Returns the names of the critical (crit) header parameters that are understood and processed by the JWS verifier / JWE decrypter.

Specified by:

getProcessedCriticalHeaderParams in interface CriticalHeaderParamsAware

Returns:

The names of the critical header parameters that are understood and processed, empty set if none.

getDeferredCriticalHeaderParams

public Set<String> getDeferredCriticalHeaderParams()

Description copied from interface: CriticalHeaderParamsAware

Returns the names of the critical (crit) header parameters that are deferred to the application for processing and will be ignored by the JWS verifier / JWE decrypter.

Specified by:

getDeferredCriticalHeaderParams in interface CriticalHeaderParamsAware

Returns:

The names of the critical header parameters that are deferred to the application for processing, empty set if none.

decrypt

public byte[] decrypt(JWEHeader header,
                      Base64URL encryptedKey,
                      Base64URL iv,
                      Base64URL cipherText,
                      Base64URL authTag)
               throws JOSEException

Description copied from interface: JWEDecrypter

Decrypts the specified cipher text of a JWE Object.

Specified by:

decrypt in interface JWEDecrypter

Parameters:

header - The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not be null.

encryptedKey - The encrypted key, null if not required by the JWE algorithm.

iv - The initialisation vector, null if not required by the JWE algorithm.

cipherText - The cipher text to decrypt. Must not be null.

authTag - The authentication tag, null if not required.

Returns:

The clear text.

Throws:

JOSEException - If the JWE algorithm or method is not supported, if a critical header parameter is not supported or marked for deferral to the application, or if decryption failed for some other reason.

getCEKDecryptionException

public Exception getCEKDecryptionException()

Returns the Content Encryption Key (CEK) decryption exception if one was encountered during the last decrypt(com.nimbusds.jose.JWEHeader, com.nimbusds.jose.util.Base64URL, com.nimbusds.jose.util.Base64URL, com.nimbusds.jose.util.Base64URL, com.nimbusds.jose.util.Base64URL) run. Intended for logging and debugging purposes.

Returns:

The recorded exception, null if none.

supportedJWEAlgorithms

public Set<JWEAlgorithm> supportedJWEAlgorithms()

Description copied from interface: JWEProvider

Returns the names of the supported algorithms by the JWE provider instance. These correspond to the alg JWE header parameter.

Specified by:

supportedJWEAlgorithms in interface JWEProvider

Returns:

The supported JWE algorithms, empty set if none.

supportedEncryptionMethods

public Set<EncryptionMethod> supportedEncryptionMethods()

Description copied from interface: JWEProvider

Returns the names of the supported encryption methods by the JWE provier. These correspond to the enc JWE header parameter.

Specified by:

supportedEncryptionMethods in interface JWEProvider

Returns:

The supported encryption methods, empty set if none.

getJCAContext

public JWEJCAContext getJCAContext()

Description copied from interface: JCAAware

Returns the Java Cryptography Architecture (JCA) context. May be used to set a specific JCA security provider or secure random generator.

Specified by:

getJCAContext in interface JCAAware<JWEJCAContext>

Returns:

The JCA context. Not null.