Package com.nimbusds.jose.jwk
Class OctetKeyPair
- java.lang.Object
-
- com.nimbusds.jose.jwk.JWK
-
- com.nimbusds.jose.jwk.OctetKeyPair
-
- All Implemented Interfaces:
AsymmetricJWK
,CurveBasedJWK
,Serializable
@Immutable public class OctetKeyPair extends JWK implements AsymmetricJWK, CurveBasedJWK
Octet key pair
JSON Web Key (JWK), used to represent Edwards-curve keys. This class is immutable.Supported curves:
Example JSON object representation of a public OKP JWK:
{ "kty" : "OKP", "crv" : "Ed25519", "x" : "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo", "use" : "sig", "kid" : "1" }
Example JSON object representation of a private OKP JWK:
{ "kty" : "OKP", "crv" : "Ed25519", "x" : "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo", "d" : "nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A", "use" : "sig", "kid" : "1" }
Use the builder to create a new OKP JWK:
OctetKeyPair key = new OctetKeyPair.Builder(Curve.Ed25519, x) .keyUse(KeyUse.SIGNATURE) .keyID("1") .build();
- Version:
- 2020-06-03
- Author:
- Vladimir Dzhuvinov
- See Also:
- Serialized Form
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
OctetKeyPair.Builder
Builder for constructing Octet Key Pair JWKs.
-
Field Summary
Fields Modifier and Type Field Description static Set<Curve>
SUPPORTED_CURVES
Supported Edwards curves.
-
Constructor Summary
Constructors Constructor Description OctetKeyPair(Curve crv, Base64URL x, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, Base64URL x5t256, List<Base64> x5c, KeyStore ks)
Creates a new public Octet Key Pair JSON Web Key (JWK) with the specified parameters.OctetKeyPair(Curve crv, Base64URL x, Base64URL d, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, Base64URL x5t256, List<Base64> x5c, KeyStore ks)
Creates a new public / private Octet Key Pair JSON Web Key (JWK) with the specified parameters.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(Object o)
Curve
getCurve()
Returns the cryptographic curve.Base64URL
getD()
Gets the private 'd' parameter.byte[]
getDecodedD()
Gets the private 'd' parameter, decoded from Base64.byte[]
getDecodedX()
Gets the public 'x' parameter, decoded from Base64.LinkedHashMap<String,?>
getRequiredParams()
Returns the required JWK parameters.Base64URL
getX()
Gets the public 'x' parameter.int
hashCode()
boolean
isPrivate()
Returnstrue
if this JWK contains private or sensitive (non-public) parameters.boolean
matches(X509Certificate cert)
Returnstrue
if the public key material of this JWK matches the public subject key info of the specified X.509 certificate.static OctetKeyPair
parse(String s)
Parses a public / private Octet Key Pair JWK from the specified JSON object string representation.static OctetKeyPair
parse(Map<String,Object> jsonObject)
Parses a public / private Octet Key Pair JWK from the specified JSON object representation.int
size()
Returns the size of this JWK.Map<String,Object>
toJSONObject()
Returns a JSON object representation of this JWK.KeyPair
toKeyPair()
Returns a Java key pair representation of this JWK.PrivateKey
toPrivateKey()
Returns a Java private key representation of this JWK.OctetKeyPair
toPublicJWK()
Returns a copy of this Octet Key Pair JWK with any private values removed.PublicKey
toPublicKey()
Returns a Java public key representation of the JWK.-
Methods inherited from class com.nimbusds.jose.jwk.JWK
computeThumbprint, computeThumbprint, computeThumbprintURI, getAlgorithm, getKeyID, getKeyOperations, getKeyStore, getKeyType, getKeyUse, getParsedX509CertChain, getX509CertChain, getX509CertSHA256Thumbprint, getX509CertThumbprint, getX509CertURL, load, parse, parseFromPEMEncodedObjects, parseFromPEMEncodedX509Cert, toECKey, toJSONString, toOctetKeyPair, toOctetSequenceKey, toRSAKey, toString
-
-
-
-
Field Detail
-
SUPPORTED_CURVES
public static final Set<Curve> SUPPORTED_CURVES
Supported Edwards curves.
-
-
Constructor Detail
-
OctetKeyPair
public OctetKeyPair(Curve crv, Base64URL x, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, Base64URL x5t256, List<Base64> x5c, KeyStore ks)
Creates a new public Octet Key Pair JSON Web Key (JWK) with the specified parameters.- Parameters:
crv
- The cryptographic curve. Must not benull
.x
- The public 'x' parameter. Must not benull
.use
- The key use,null
if not specified or if the key is intended for signing as well as encryption.ops
- The key operations,null
if not specified.alg
- The intended JOSE algorithm for the key,null
if not specified.kid
- The key ID,null
if not specified.x5u
- The X.509 certificate URL,null
if not specified.x5t
- The X.509 certificate SHA-1 thumbprint,null
if not specified.x5t256
- The X.509 certificate SHA-256 thumbprint,null
if not specified.x5c
- The X.509 certificate chain,null
if not specified.ks
- Reference to the underlying key store,null
if not specified.
-
OctetKeyPair
public OctetKeyPair(Curve crv, Base64URL x, Base64URL d, KeyUse use, Set<KeyOperation> ops, Algorithm alg, String kid, URI x5u, Base64URL x5t, Base64URL x5t256, List<Base64> x5c, KeyStore ks)
Creates a new public / private Octet Key Pair JSON Web Key (JWK) with the specified parameters.- Parameters:
crv
- The cryptographic curve. Must not benull
.x
- The public 'x' parameter. Must not benull
.d
- The private 'd' parameter. Must not benull
.use
- The key use,null
if not specified or if the key is intended for signing as well as encryption.ops
- The key operations,null
if not specified.alg
- The intended JOSE algorithm for the key,null
if not specified.kid
- The key ID,null
if not specified.x5u
- The X.509 certificate URL,null
if not specified.x5t
- The X.509 certificate SHA-1 thumbprint,null
if not specified.x5t256
- The X.509 certificate SHA-256 thumbprint,null
if not specified.x5c
- The X.509 certificate chain,null
if not specified.ks
- Reference to the underlying key store,null
if not specified.
-
-
Method Detail
-
getCurve
public Curve getCurve()
Description copied from interface:CurveBasedJWK
Returns the cryptographic curve.- Specified by:
getCurve
in interfaceCurveBasedJWK
- Returns:
- The cryptographic curve.
-
getDecodedX
public byte[] getDecodedX()
Gets the public 'x' parameter, decoded from Base64.- Returns:
- The public 'x' parameter in bytes.
-
getD
public Base64URL getD()
Gets the private 'd' parameter.- Returns:
- The private 'd' coordinate,
null
if not specified (for a public key).
-
getDecodedD
public byte[] getDecodedD()
Gets the private 'd' parameter, decoded from Base64.- Returns:
- The private 'd' coordinate in bytes,
null
if not specified (for a public key).
-
toPublicKey
public PublicKey toPublicKey() throws JOSEException
Description copied from interface:AsymmetricJWK
Returns a Java public key representation of the JWK.- Specified by:
toPublicKey
in interfaceAsymmetricJWK
- Returns:
- The Java public key.
- Throws:
JOSEException
- If conversion failed or is not supported.
-
toPrivateKey
public PrivateKey toPrivateKey() throws JOSEException
Description copied from interface:AsymmetricJWK
Returns a Java private key representation of this JWK.- Specified by:
toPrivateKey
in interfaceAsymmetricJWK
- Returns:
- The Java private key,
null
if not specified. - Throws:
JOSEException
- If conversion failed or is not supported.
-
toKeyPair
public KeyPair toKeyPair() throws JOSEException
Description copied from interface:AsymmetricJWK
Returns a Java key pair representation of this JWK.- Specified by:
toKeyPair
in interfaceAsymmetricJWK
- Returns:
- The Java key pair. The private key will be
null
if not specified. - Throws:
JOSEException
- If conversion failed or is not supported.
-
matches
public boolean matches(X509Certificate cert)
Description copied from interface:AsymmetricJWK
Returnstrue
if the public key material of this JWK matches the public subject key info of the specified X.509 certificate.- Specified by:
matches
in interfaceAsymmetricJWK
- Parameters:
cert
- The X.509 certificate. Must not benull
.- Returns:
true
if the public key material of this JWK matches the public subject key info of the specified X.509 certificate, elsefalse
.
-
getRequiredParams
public LinkedHashMap<String,?> getRequiredParams()
Description copied from class:JWK
Returns the required JWK parameters. Intended as input for JWK thumbprint computation. See RFC 7638 for more information.- Specified by:
getRequiredParams
in classJWK
- Returns:
- The required JWK parameters, sorted alphanumerically by key name and ready for JSON serialisation.
-
isPrivate
public boolean isPrivate()
Description copied from class:JWK
Returnstrue
if this JWK contains private or sensitive (non-public) parameters.
-
toPublicJWK
public OctetKeyPair toPublicJWK()
Returns a copy of this Octet Key Pair JWK with any private values removed.- Specified by:
toPublicJWK
in classJWK
- Returns:
- The copied public Octet Key Pair JWK.
-
toJSONObject
public Map<String,Object> toJSONObject()
Description copied from class:JWK
Returns a JSON object representation of this JWK. This method is intended to be called from extending classes.Example:
{ "kty" : "RSA", "use" : "sig", "kid" : "fd28e025-8d24-48bc-a51a-e2ffc8bc274b" }
- Overrides:
toJSONObject
in classJWK
- Returns:
- The JSON object representation.
-
parse
public static OctetKeyPair parse(String s) throws ParseException
Parses a public / private Octet Key Pair JWK from the specified JSON object string representation.- Parameters:
s
- The JSON object string to parse. Must not benull
.- Returns:
- The public / private Octet Key Pair JWK.
- Throws:
ParseException
- If the string couldn't be parsed to an Octet Key Pair JWK.
-
parse
public static OctetKeyPair parse(Map<String,Object> jsonObject) throws ParseException
Parses a public / private Octet Key Pair JWK from the specified JSON object representation.- Parameters:
jsonObject
- The JSON object to parse. Must not benull
.- Returns:
- The public / private Octet Key Pair JWK.
- Throws:
ParseException
- If the JSON object couldn't be parsed to an Octet Key Pair JWK.
-
-