Package com.nimbusds.jose.crypto.impl

Class PasswordBasedCryptoProvider

    • Constructor Detail

      • PasswordBasedCryptoProvider

        protected PasswordBasedCryptoProvider​(byte[] password)
        Creates a new password-based encryption / decryption provider.
        Parameters:
        password - The password bytes. Must not be empty or null.

    • Method Detail

      • getPassword

        public byte[] getPassword()
        Returns the password.
        Returns:
        The password bytes.

      • getPasswordString

        public String getPasswordString()
        Returns the password.
        Returns:
        The password as a UTF-8 encoded string.

      • supportedJWEAlgorithms

        public Set<JWEAlgorithm> supportedJWEAlgorithms()
        Description copied from interface: JWEProvider
        Returns the names of the supported algorithms by the JWE provider instance. These correspond to the alg JWE header parameter.
        Specified by:
        supportedJWEAlgorithms in interface JWEProvider
        Returns:
        The supported JWE algorithms, empty set if none.

      • supportedEncryptionMethods

        public Set<EncryptionMethod> supportedEncryptionMethods()
        Description copied from interface: JWEProvider
        Returns the names of the supported encryption methods by the JWE provier. These correspond to the enc JWE header parameter.
        Specified by:
        supportedEncryptionMethods in interface JWEProvider
        Returns:
        The supported encryption methods, empty set if none.

      • getJCAContext

        public JWEJCAContext getJCAContext()
        Description copied from interface: JCAAware
        Returns the Java Cryptography Architecture (JCA) context. May be used to set a specific JCA security provider or secure random generator.
        Specified by:
        getJCAContext in interface JCAAware<JWEJCAContext>
        Returns:
        The JCA context. Not null.

      • isCEKProvided

        protected boolean isCEKProvided()
        Returns true if a content encryption key (CEK) was provided at construction time.
        Returns:
        true if a CEK was provided at construction time, false if CEKs will be internally generated.

      • getCEK

        protected SecretKey getCEK​(EncryptionMethod enc)
                    throws JOSEException
        Returns the content encryption key (CEK) to use. Unless a CEK was provided at construction time this will be a new internally generated CEK.
        Parameters:
        enc - The encryption method. Must not be null.
        Returns:
        The content encryption key (CEK).
        Throws:
        JOSEException - If an internal exception is encountered.