Package com.nimbusds.jose.crypto.impl
Class ECDH1PUCryptoProvider
- java.lang.Object
-
- com.nimbusds.jose.crypto.impl.ECDH1PUCryptoProvider
-
- All Implemented Interfaces:
JCAAware<JWEJCAContext>
,JOSEProvider
,JWEProvider
- Direct Known Subclasses:
ECDH1PUDecrypter
,ECDH1PUEncrypter
,ECDH1PUX25519Decrypter
,ECDH1PUX25519Encrypter
public abstract class ECDH1PUCryptoProvider extends Object
The base abstract class for Elliptic Curve Diffie-Hellman One-Pass Unified Model encrypters and decrypters ofJWE objects
.Supports the following key management algorithms:
JWEAlgorithm.ECDH_1PU
JWEAlgorithm.ECDH_1PU_A128KW
JWEAlgorithm.ECDH_1PU_A192KW
JWEAlgorithm.ECDH_1PU_A256KW
Supports the following elliptic curves:
Supports the following content encryption algorithms for Direct key agreement mode:
EncryptionMethod.A128CBC_HS256
EncryptionMethod.A192CBC_HS384
EncryptionMethod.A256CBC_HS512
EncryptionMethod.A128GCM
EncryptionMethod.A192GCM
EncryptionMethod.A256GCM
EncryptionMethod.A128CBC_HS256_DEPRECATED
EncryptionMethod.A256CBC_HS512_DEPRECATED
EncryptionMethod.XC20P
Supports the following content encryption algorithms for Key wrapping mode:
- Version:
- 2021-08-03
- Author:
- Alexander Martynov
-
-
Field Summary
Fields Modifier and Type Field Description static Set<JWEAlgorithm>
SUPPORTED_ALGORITHMS
The supported JWE algorithms by the ECDH crypto provider class.static Set<EncryptionMethod>
SUPPORTED_ENCRYPTION_METHODS
The supported encryption methods by the ECDH crypto provider class.
-
Constructor Summary
Constructors Modifier Constructor Description protected
ECDH1PUCryptoProvider(Curve curve)
Creates a new Elliptic Curve Diffie-Hellman One-Pass Unified Model encryption / decryption provider.
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected byte[]
decryptWithZ(JWEHeader header, SecretKey Z, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag)
Decrypts the encrypted JWE parts using the specified shared secret ("Z").protected JWECryptoParts
encryptWithZ(JWEHeader header, SecretKey Z, byte[] clearText, SecretKey contentEncryptionKey)
Encrypts the specified plaintext using the specified shared secret ("Z"), with an optionally externally supplied content encryption key (CEK) forECDH.AlgorithmMode.KW
.protected ConcatKDF
getConcatKDF()
Returns the Concatenation Key Derivation Function (KDF).Curve
getCurve()
Returns the elliptic curve of the key (JWK designation).JWEJCAContext
getJCAContext()
Returns the Java Cryptography Architecture (JCA) context.abstract Set<Curve>
supportedEllipticCurves()
Returns the names of the supported elliptic curves.Set<EncryptionMethod>
supportedEncryptionMethods()
Returns the names of the supported encryption methods by the JWE provier.Set<JWEAlgorithm>
supportedJWEAlgorithms()
Returns the names of the supported algorithms by the JWE provider instance.
-
-
-
Field Detail
-
SUPPORTED_ALGORITHMS
public static final Set<JWEAlgorithm> SUPPORTED_ALGORITHMS
The supported JWE algorithms by the ECDH crypto provider class.
-
SUPPORTED_ENCRYPTION_METHODS
public static final Set<EncryptionMethod> SUPPORTED_ENCRYPTION_METHODS
The supported encryption methods by the ECDH crypto provider class.
-
-
Constructor Detail
-
ECDH1PUCryptoProvider
protected ECDH1PUCryptoProvider(Curve curve) throws JOSEException
Creates a new Elliptic Curve Diffie-Hellman One-Pass Unified Model encryption / decryption provider.- Parameters:
curve
- The elliptic curve. Must be supported and notnull
.- Throws:
JOSEException
- If the elliptic curve is not supported.
-
-
Method Detail
-
getConcatKDF
protected ConcatKDF getConcatKDF()
Returns the Concatenation Key Derivation Function (KDF).- Returns:
- The concat KDF.
-
supportedEllipticCurves
public abstract Set<Curve> supportedEllipticCurves()
Returns the names of the supported elliptic curves. These correspond to thecrv
JWK parameter.- Returns:
- The supported elliptic curves.
-
getCurve
public Curve getCurve()
Returns the elliptic curve of the key (JWK designation).- Returns:
- The elliptic curve.
-
encryptWithZ
protected JWECryptoParts encryptWithZ(JWEHeader header, SecretKey Z, byte[] clearText, SecretKey contentEncryptionKey) throws JOSEException
Encrypts the specified plaintext using the specified shared secret ("Z"), with an optionally externally supplied content encryption key (CEK) forECDH.AlgorithmMode.KW
.- Throws:
JOSEException
-
decryptWithZ
protected byte[] decryptWithZ(JWEHeader header, SecretKey Z, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag) throws JOSEException
Decrypts the encrypted JWE parts using the specified shared secret ("Z").- Throws:
JOSEException
-
supportedJWEAlgorithms
public Set<JWEAlgorithm> supportedJWEAlgorithms()
Description copied from interface:JWEProvider
Returns the names of the supported algorithms by the JWE provider instance. These correspond to thealg
JWE header parameter.- Specified by:
supportedJWEAlgorithms
in interfaceJWEProvider
- Returns:
- The supported JWE algorithms, empty set if none.
-
supportedEncryptionMethods
public Set<EncryptionMethod> supportedEncryptionMethods()
Description copied from interface:JWEProvider
Returns the names of the supported encryption methods by the JWE provier. These correspond to theenc
JWE header parameter.- Specified by:
supportedEncryptionMethods
in interfaceJWEProvider
- Returns:
- The supported encryption methods, empty set if none.
-
getJCAContext
public JWEJCAContext getJCAContext()
Description copied from interface:JCAAware
Returns the Java Cryptography Architecture (JCA) context. May be used to set a specific JCA security provider or secure random generator.- Specified by:
getJCAContext
in interfaceJCAAware<JWEJCAContext>
- Returns:
- The JCA context. Not
null
.
-
-