Package com.nimbusds.jose.crypto
Class X25519Decrypter
- java.lang.Object
-
- com.nimbusds.jose.crypto.impl.ECDHCryptoProvider
-
- com.nimbusds.jose.crypto.X25519Decrypter
-
- All Implemented Interfaces:
CriticalHeaderParamsAware
,JCAAware<JWEJCAContext>
,JOSEProvider
,JWEDecrypter
,JWEProvider
public class X25519Decrypter extends ECDHCryptoProvider implements JWEDecrypter, CriticalHeaderParamsAware
Curve25519 Elliptic Curve Diffie-Hellman decrypter ofJWE objects
. Expects a privateOctetKeyPair
key with"crv"
X25519.See RFC 8037 for more information.
See also
ECDHDecrypter
for ECDH on other curves.This class is thread-safe.
Supports the following key management algorithms:
JWEAlgorithm.ECDH_ES
JWEAlgorithm.ECDH_ES_A128KW
JWEAlgorithm.ECDH_ES_A192KW
JWEAlgorithm.ECDH_ES_A256KW
Supports the following elliptic curve:
Curve.X25519
(Curve25519)
Supports the following content encryption algorithms:
- Version:
- 2018-07-12
- Author:
- Tim McLean
-
-
Field Summary
-
Fields inherited from class com.nimbusds.jose.crypto.impl.ECDHCryptoProvider
SUPPORTED_ALGORITHMS, SUPPORTED_ENCRYPTION_METHODS
-
-
Constructor Summary
Constructors Constructor Description X25519Decrypter(OctetKeyPair privateKey)
Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.X25519Decrypter(OctetKeyPair privateKey, Set<String> defCritHeaders)
Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description byte[]
decrypt(JWEHeader header, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag)
Decrypts the specified cipher text of aJWE Object
.Set<String>
getDeferredCriticalHeaderParams()
Returns the names of the critical (crit
) header parameters that are deferred to the application for processing and will be ignored by the JWS verifier / JWE decrypter.JWEJCAContext
getJCAContext()
Returns the Java Cryptography Architecture (JCA) context.OctetKeyPair
getPrivateKey()
Returns the private key.Set<String>
getProcessedCriticalHeaderParams()
Returns the names of the critical (crit
) header parameters that are understood and processed by the JWS verifier / JWE decrypter.Set<Curve>
supportedEllipticCurves()
Returns the names of the supported elliptic curves.Set<EncryptionMethod>
supportedEncryptionMethods()
Returns the names of the supported encryption methods by the JWE provier.Set<JWEAlgorithm>
supportedJWEAlgorithms()
Returns the names of the supported algorithms by the JWE provider instance.-
Methods inherited from class com.nimbusds.jose.crypto.impl.ECDHCryptoProvider
decryptWithZ, encryptWithZ, encryptWithZ, getConcatKDF, getCurve
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.nimbusds.jose.jca.JCAAware
getJCAContext
-
Methods inherited from interface com.nimbusds.jose.JWEProvider
supportedEncryptionMethods, supportedJWEAlgorithms
-
-
-
-
Constructor Detail
-
X25519Decrypter
public X25519Decrypter(OctetKeyPair privateKey) throws JOSEException
Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.- Parameters:
privateKey
- The private key. Must not benull
.- Throws:
JOSEException
- If the key subtype is not supported.
-
X25519Decrypter
public X25519Decrypter(OctetKeyPair privateKey, Set<String> defCritHeaders) throws JOSEException
Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.- Parameters:
privateKey
- The private key. Must not benull
.defCritHeaders
- The names of the critical header parameters that are deferred to the application for processing, empty set ornull
if none.- Throws:
JOSEException
- If the key subtype is not supported.
-
-
Method Detail
-
supportedEllipticCurves
public Set<Curve> supportedEllipticCurves()
Description copied from class:ECDHCryptoProvider
Returns the names of the supported elliptic curves. These correspond to thecrv
EC JWK parameter.- Specified by:
supportedEllipticCurves
in classECDHCryptoProvider
- Returns:
- The supported elliptic curves.
-
getPrivateKey
public OctetKeyPair getPrivateKey()
Returns the private key.- Returns:
- The private key.
-
getProcessedCriticalHeaderParams
public Set<String> getProcessedCriticalHeaderParams()
Description copied from interface:CriticalHeaderParamsAware
Returns the names of the critical (crit
) header parameters that are understood and processed by the JWS verifier / JWE decrypter.- Specified by:
getProcessedCriticalHeaderParams
in interfaceCriticalHeaderParamsAware
- Returns:
- The names of the critical header parameters that are understood and processed, empty set if none.
-
getDeferredCriticalHeaderParams
public Set<String> getDeferredCriticalHeaderParams()
Description copied from interface:CriticalHeaderParamsAware
Returns the names of the critical (crit
) header parameters that are deferred to the application for processing and will be ignored by the JWS verifier / JWE decrypter.- Specified by:
getDeferredCriticalHeaderParams
in interfaceCriticalHeaderParamsAware
- Returns:
- The names of the critical header parameters that are deferred to the application for processing, empty set if none.
-
decrypt
public byte[] decrypt(JWEHeader header, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag) throws JOSEException
Description copied from interface:JWEDecrypter
Decrypts the specified cipher text of aJWE Object
.- Specified by:
decrypt
in interfaceJWEDecrypter
- Parameters:
header
- The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not benull
.encryptedKey
- The encrypted key,null
if not required by the JWE algorithm.iv
- The initialisation vector,null
if not required by the JWE algorithm.cipherText
- The cipher text to decrypt. Must not benull
.authTag
- The authentication tag,null
if not required.- Returns:
- The clear text.
- Throws:
JOSEException
- If the JWE algorithm or method is not supported, if a critical header parameter is not supported or marked for deferral to the application, or if decryption failed for some other reason.
-
supportedJWEAlgorithms
public Set<JWEAlgorithm> supportedJWEAlgorithms()
Description copied from interface:JWEProvider
Returns the names of the supported algorithms by the JWE provider instance. These correspond to thealg
JWE header parameter.- Specified by:
supportedJWEAlgorithms
in interfaceJWEProvider
- Returns:
- The supported JWE algorithms, empty set if none.
-
supportedEncryptionMethods
public Set<EncryptionMethod> supportedEncryptionMethods()
Description copied from interface:JWEProvider
Returns the names of the supported encryption methods by the JWE provier. These correspond to theenc
JWE header parameter.- Specified by:
supportedEncryptionMethods
in interfaceJWEProvider
- Returns:
- The supported encryption methods, empty set if none.
-
getJCAContext
public JWEJCAContext getJCAContext()
Description copied from interface:JCAAware
Returns the Java Cryptography Architecture (JCA) context. May be used to set a specific JCA security provider or secure random generator.- Specified by:
getJCAContext
in interfaceJCAAware<JWEJCAContext>
- Returns:
- The JCA context. Not
null
.
-
-