Package com.nimbusds.jose.proc

Class JWEDecryptionKeySelector<C extends SecurityContext>

java.lang.Object

com.nimbusds.jose.proc.JWEDecryptionKeySelector<C>

All Implemented Interfaces:

JWEKeySelector<C>

@ThreadSafe
public class JWEDecryptionKeySelector<C extends SecurityContext>
extends Object
implements JWEKeySelector<C>

Key selector for decrypting JWE objects, where the key candidates are retrieved from a JSON Web Key (JWK) source.

Version:

2024-04-20

Author:

Vladimir Dzhuvinov

Constructor Summary

Constructors

Constructor	Description
JWEDecryptionKeySelector(JWEAlgorithm jweAlg, EncryptionMethod jweEnc, JWKSource<C> jwkSource)	Creates a new decryption key selector.

Method Summary

Modifier and Type	Method	Description
protected JWKMatcher	createJWKMatcher(JWEHeader jweHeader)	Creates a JWK matcher for the expected JWE algorithms and the specified JWE header.
JWEAlgorithm	getExpectedJWEAlgorithm()	Returns the expected JWE algorithm.
EncryptionMethod	getExpectedJWEEncryptionMethod()	The expected JWE encryption method.
JWKSource<C>	getJWKSource()	Returns the JWK source.
List<Key>	selectJWEKeys(JWEHeader jweHeader, C context)	Selects key candidates for decrypting a JWE object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

JWEDecryptionKeySelector

public JWEDecryptionKeySelector(JWEAlgorithm jweAlg,
 EncryptionMethod jweEnc,
 JWKSource<C> jwkSource)

Creates a new decryption key selector.

Parameters:

jweAlg - The expected JWE algorithm for the objects to be decrypted. Must not be null.

jweEnc - The expected JWE encryption method for the objects to be decrypted. Must not be null.

jwkSource - The JWK source. Must include the private keys and must not be null.

Method Details

getExpectedJWEAlgorithm

public JWEAlgorithm getExpectedJWEAlgorithm()

Returns the expected JWE algorithm.

Returns:

The expected JWE algorithm.

getExpectedJWEEncryptionMethod

public EncryptionMethod getExpectedJWEEncryptionMethod()

The expected JWE encryption method.

Returns:

The expected JWE encryption method.

createJWKMatcher

protected JWKMatcher createJWKMatcher(JWEHeader jweHeader)

Creates a JWK matcher for the expected JWE algorithms and the specified JWE header.

Parameters:

jweHeader - The JWE header. Must not be null.

Returns:

The JWK matcher, null if none could be created.

selectJWEKeys

public List<Key> selectJWEKeys(JWEHeader jweHeader,
 C context)
                        throws KeySourceException

Description copied from interface: JWEKeySelector

Selects key candidates for decrypting a JWE object.

Specified by:

selectJWEKeys in interface JWEKeySelector<C extends SecurityContext>

Parameters:

jweHeader - The header of the JWE object. Must not be null.

context - Optional context, null if not required.

Returns:

The key candidates in trial order, empty list if none.

Throws:

KeySourceException - If a key source exception is encountered, e.g. on remote JWK retrieval.

getJWKSource

public JWKSource<C> getJWKSource()

Returns the JWK source.

Returns:

The JWK source.