Package com.nimbusds.oauth2.sdk.jose
Class SecretKeyDerivation
java.lang.Object
com.nimbusds.oauth2.sdk.jose.SecretKeyDerivation
Derives an AES secret key from a client secret. Intended for performing
symmetric encryption and decryption with a client secret, as specified in
OpenID
Connect Core 1.0, section 10.2.
-
Method Summary
Modifier and TypeMethodDescriptionstatic SecretKey
deriveSecretKey
(Secret clientSecret, int bits) Derives a secret encryption key from the specified client secret.static SecretKey
deriveSecretKey
(Secret clientSecret, com.nimbusds.jose.JWEAlgorithm alg, com.nimbusds.jose.EncryptionMethod enc) Derives a secret encryption key from the specified client secret.
-
Method Details
-
deriveSecretKey
public static SecretKey deriveSecretKey(Secret clientSecret, com.nimbusds.jose.JWEAlgorithm alg, com.nimbusds.jose.EncryptionMethod enc) throws com.nimbusds.jose.JOSEException Derives a secret encryption key from the specified client secret.- Parameters:
clientSecret
- The client secret. Must not benull
.alg
- The JWE algorithm. Must not benull
.enc
- The JWE method. Must not benull
.- Returns:
- The matching secret key (with algorithm set to "AES").
- Throws:
com.nimbusds.jose.JOSEException
- If the JWE algorithm or method is not supported.
-
deriveSecretKey
public static SecretKey deriveSecretKey(Secret clientSecret, int bits) throws com.nimbusds.jose.JOSEException Derives a secret encryption key from the specified client secret.- Parameters:
clientSecret
- The client secret. Must not benull
.bits
- The secret key bits (128, 192, 256, 384 or 512).- Returns:
- The matching secret key (with algorithm set to "AES").
- Throws:
com.nimbusds.jose.JOSEException
- If the secret key bit size it not supported.
-