Package com.nimbusds.oauth2.sdk.jose
Class SecretKeyDerivation
java.lang.Object
com.nimbusds.oauth2.sdk.jose.SecretKeyDerivation
Derives an AES secret key from a client secret. Intended for performing
symmetric encryption and decryption with a client secret, as specified in
OpenID
Connect Core 1.0, section 10.2.
-
Method Summary
Modifier and TypeMethodDescriptionstatic SecretKeyderiveSecretKey(Secret clientSecret, int bits) Derives a secret encryption key from the specified client secret.static SecretKeyderiveSecretKey(Secret clientSecret, com.nimbusds.jose.JWEAlgorithm alg, com.nimbusds.jose.EncryptionMethod enc) Derives a secret encryption key from the specified client secret.
-
Method Details
-
deriveSecretKey
public static SecretKey deriveSecretKey(Secret clientSecret, com.nimbusds.jose.JWEAlgorithm alg, com.nimbusds.jose.EncryptionMethod enc) throws com.nimbusds.jose.JOSEException Derives a secret encryption key from the specified client secret.- Parameters:
clientSecret- The client secret. Must not benull.alg- The JWE algorithm. Must not benull.enc- The JWE method. Must not benull.- Returns:
- The matching secret key (with algorithm set to "AES").
- Throws:
com.nimbusds.jose.JOSEException- If the JWE algorithm or method is not supported.
-
deriveSecretKey
public static SecretKey deriveSecretKey(Secret clientSecret, int bits) throws com.nimbusds.jose.JOSEException Derives a secret encryption key from the specified client secret.- Parameters:
clientSecret- The client secret. Must not benull.bits- The secret key bits (128, 192, 256, 384 or 512).- Returns:
- The matching secret key (with algorithm set to "AES").
- Throws:
com.nimbusds.jose.JOSEException- If the secret key bit size it not supported.
-