Package com.nimbusds.jose.crypto.impl

Class RSA_OAEP

java.lang.Object

com.nimbusds.jose.crypto.impl.RSA_OAEP

@ThreadSafe
public class RSA_OAEP
extends Object

RSAES OAEP methods for Content Encryption Key (CEK) encryption and decryption. Uses the BouncyCastle.org provider. This class is thread-safe

Version:

2017-11-27

Author:

Vladimir Dzhuvinov

Method Summary

Modifier and Type	Method	Description
static SecretKey	decryptCEK(PrivateKey priv, byte[] encryptedCEK, Provider provider)	Decrypts the specified encrypted Content Encryption Key (CEK).
static byte[]	encryptCEK(RSAPublicKey pub, SecretKey cek, Provider provider)	Encrypts the specified Content Encryption Key (CEK).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

encryptCEK

public static byte[] encryptCEK(RSAPublicKey pub,
                                SecretKey cek,
                                Provider provider)
                         throws JOSEException

Encrypts the specified Content Encryption Key (CEK).

Parameters:

pub - The public RSA key. Must not be null.

cek - The Content Encryption Key (CEK) to encrypt. Must not be null.

provider - The JCA provider, or null to use the default one.

Returns:

The encrypted Content Encryption Key (CEK).

Throws:

JOSEException - If encryption failed.

decryptCEK

public static SecretKey decryptCEK(PrivateKey priv,
                                   byte[] encryptedCEK,
                                   Provider provider)
                            throws JOSEException

Decrypts the specified encrypted Content Encryption Key (CEK).

Parameters:

priv - The private RSA key. Must not be null.

encryptedCEK - The encrypted Content Encryption Key (CEK) to decrypt. Must not be null.

provider - The JCA provider, or null to use the default one.

Returns:

The decrypted Content Encryption Key (CEK).

Throws:

JOSEException - If decryption failed.