Package com.nimbusds.jose.proc
Class JWEDecryptionKeySelector<C extends SecurityContext>
java.lang.Object
com.nimbusds.jose.proc.JWEDecryptionKeySelector<C>
- All Implemented Interfaces:
JWEKeySelector<C>
@ThreadSafe
public class JWEDecryptionKeySelector<C extends SecurityContext>
extends Object
implements JWEKeySelector<C>
Key selector for decrypting JWE objects, where the key candidates are
retrieved from a
JSON Web Key (JWK) source
.- Version:
- 2024-04-20
- Author:
- Vladimir Dzhuvinov
-
Constructor Summary
ConstructorDescriptionJWEDecryptionKeySelector
(JWEAlgorithm jweAlg, EncryptionMethod jweEnc, JWKSource<C> jwkSource) Creates a new decryption key selector. -
Method Summary
Modifier and TypeMethodDescriptionprotected JWKMatcher
createJWKMatcher
(JWEHeader jweHeader) Creates a JWK matcher for the expected JWE algorithms and the specified JWE header.Returns the expected JWE algorithm.The expected JWE encryption method.Returns the JWK source.selectJWEKeys
(JWEHeader jweHeader, C context) Selects key candidates for decrypting a JWE object.
-
Constructor Details
-
JWEDecryptionKeySelector
public JWEDecryptionKeySelector(JWEAlgorithm jweAlg, EncryptionMethod jweEnc, JWKSource<C> jwkSource) Creates a new decryption key selector.- Parameters:
jweAlg
- The expected JWE algorithm for the objects to be decrypted. Must not benull
.jweEnc
- The expected JWE encryption method for the objects to be decrypted. Must not benull
.jwkSource
- The JWK source. Must include the private keys and must not benull
.
-
-
Method Details
-
getExpectedJWEAlgorithm
Returns the expected JWE algorithm.- Returns:
- The expected JWE algorithm.
-
getExpectedJWEEncryptionMethod
The expected JWE encryption method.- Returns:
- The expected JWE encryption method.
-
createJWKMatcher
Creates a JWK matcher for the expected JWE algorithms and the specified JWE header.- Parameters:
jweHeader
- The JWE header. Must not benull
.- Returns:
- The JWK matcher,
null
if none could be created.
-
selectJWEKeys
Description copied from interface:JWEKeySelector
Selects key candidates for decrypting a JWE object.- Specified by:
selectJWEKeys
in interfaceJWEKeySelector<C extends SecurityContext>
- Parameters:
jweHeader
- The header of the JWE object. Must not benull
.context
- Optional context,null
if not required.- Returns:
- The key candidates in trial order, empty list if none.
- Throws:
KeySourceException
- If a key source exception is encountered, e.g. on remote JWK retrieval.
-
getJWKSource
Returns the JWK source.- Returns:
- The JWK source.
-