Module iu.util.crypt
Package edu.iu.crypt

Interface WebKey

All Superinterfaces:
WebCertificateReference, WebKeyReference
All Known Implementing Classes:
Jwk
public interface WebKey extends WebKeyReference
Unifies algorithm support and maps a cryptographic key from JCE to JSON Web Key.
See Also:

  • Method Details

    • algorithmParams

      static AlgorithmParameterSpec algorithmParams(String name)
      Gets the ECParameterSpec for a standard parameter name.
      Parameters:
      name - standard parameter name
      Returns:
      Elliptic Curve parameters

    • algorithmParams

      static AlgorithmParameterSpec algorithmParams(Key key)
      Gets the AlgorithmParameterSpec from a key.
      Parameters:
      key - key
      Returns:
      AlgorithmParameterSpec

    • verify

      static PublicKey verify(WebKey webKey)
      Verifies encoded key data is correct for the key type, use, algorithm, and X.509 certificate chain.
      Parameters:
      webKey - WebKey
      Returns:
      PublicKey resolved from the web key, or null if no public key was resolved; private and raw key values will be verified as valid for the key type and/or public key, and may continue to be accessed from the original web key as needed.
      Throws:
      IllegalArgumentException - if the key is invalid

    • builder

      static WebKey.Builder<?> builder(Key key)
      Creates a new builder.
      Parameters:
      key - JCE key
      Returns:
      WebKey.Builder

    • builder

      static WebKey.Builder<?> builder(WebKey.Type type)
      Creates a new WebKey.Builder.
      Parameters:
      type - key type
      Returns:
      WebKey.Builder

    • builder

      static WebKey.Builder<?> builder(WebKey.Algorithm algorithm)
      Creates an ephemeral key for use as JWE recipient or JWS issuer.

      Ephemeral keys are generated using JDK 11 compliant standard algorithms with registered JCE providers

      Parameters:
      algorithm - key algorithm
      Returns:
      JWE recipient or JWS issuer key

    • ephemeral

      static WebKey ephemeral(WebEncryption.Encryption encryption)
      Creates an ephemeral content encryption key, for use with WebKey.Algorithm.DIRECT.

      Ephemeral keys are generated using JDK 11 compliant standard algorithms with registered JCE providers

      Parameters:
      encryption - encryption algorithm
      Returns:
      content encryption key

    • ephemeral

      static WebKey ephemeral(WebKey.Algorithm algorithm)
      Creates an ephemeral key for use as JWE recipient or JWS issuer.

      Ephemeral keys are generated using JDK 11 compliant standard algorithms with registered JCE providers

      Parameters:
      algorithm - key algorithm
      Returns:
      JWE recipient or JWS issuer key

    • parse

      static WebKey parse(String jwk)
      Parses a JSON Web Key (JWK).
      Parameters:
      jwk - JSON Web Key
      Returns:
      WebKey

    • parseJwks

      static Iterable<? extends WebKey> parseJwks(String jwks)
      Parses a JSON Web Key Set (JWKS).
      Parameters:
      jwks - serialized JWKS
      Returns:
      parsed key set

    • pem

      static WebKey pem(String pem)
      Reads at least one PEM-encoded X509 certificate, and optionally a private key, and returns a JWK partial-key representation.
      Parameters:
      pem - PEM-encoded certificate(s) and optional private key
      Returns:
      WebKey

    • readJwks

      static Iterable<? extends WebKey> readJwks(URI jwks)
      Reads a JSON Web Key Set (JWKS).
      Parameters:
      jwks - serialized JWKS
      Returns:
      parsed key set

    • readJwks

      static Iterable<? extends WebKey> readJwks(InputStream jwks)
      Reads a JSON Web Key Set (JWKS).
      Parameters:
      jwks - serialized JWKS
      Returns:
      parsed key set

    • asJwks

      static String asJwks(Iterable<? extends WebKey> webKeys)
      Serializes WebKeys as a JSON Web Key Set.
      Parameters:
      webKeys - WebKeys
      Returns:
      serialized JWKS

    • writeJwks

      static void writeJwks(Iterable<? extends WebKey> webKeys, OutputStream out)
      Writes WebKey as a JSON Web Key.
      Parameters:
      webKeys - WebKeys
      out - OutputStream

    • wellKnown

      WebKey wellKnown()
      Returns a copy of this key for which getPrivateKey() and getKey() always return null, and for which the source data backing these methods is not populated.

      If these methods would already return null, this key is returned as-is.

      Returns:
      this key, or a copy that omits secret and private key data

    • getType

      WebKey.Type getType()
      Gets the key type.
      Returns:
      key type

    • getUse

      WebKey.Use getUse()
      Gets the public key use.
      Returns:
      public key use.

    • getOps

      Set<WebKey.Operation> getOps()
      Gets the key operations.
      Returns:
      key operations

    • getKey

      byte[] getKey()
      Gets the raw key data for use when WebKey.Type.RAW.
      Returns:
      raw key data

    • getPrivateKey

      PrivateKey getPrivateKey()
      Gets the JCE private key implementation.
      Returns:
      PrivateKey

    • getPublicKey

      PublicKey getPublicKey()
      Gets the JCE public key implementation.
      Returns:
      PublicKey