Package com.nimbusds.jose.crypto
Class ECDH1PUX25519Decrypter
- java.lang.Object
-
- com.nimbusds.jose.crypto.impl.BaseJWEProvider
-
- com.nimbusds.jose.crypto.impl.ECDH1PUCryptoProvider
-
- com.nimbusds.jose.crypto.ECDH1PUX25519Decrypter
-
- All Implemented Interfaces:
CriticalHeaderParamsAware,JCAAware<JWEJCAContext>,JOSEProvider,JWEDecrypter,JWEProvider
@ThreadSafe public class ECDH1PUX25519Decrypter extends ECDH1PUCryptoProvider implements JWEDecrypter, CriticalHeaderParamsAware
Elliptic Curve Diffie-Hellman decrypter ofJWE objectsfor curves using an OKP JWK. Expects a privateOctetKeyPairkey with"crv"X25519.See RFC 8037 for more information.
See also
ECDH1PUDecrypterfor ECDH on other curves.Public Key Authenticated Encryption for JOSE ECDH-1PU for more information.
This class is thread-safe.
Supports the following key management algorithms:
JWEAlgorithm.ECDH_1PUJWEAlgorithm.ECDH_1PU_A128KWJWEAlgorithm.ECDH_1PU_A192KWJWEAlgorithm.ECDH_1PU_A256KW
Supports the following elliptic curves:
Supports the following content encryption algorithms for Direct key agreement mode:
EncryptionMethod.A128CBC_HS256EncryptionMethod.A192CBC_HS384EncryptionMethod.A256CBC_HS512EncryptionMethod.A128GCMEncryptionMethod.A192GCMEncryptionMethod.A256GCMEncryptionMethod.A128CBC_HS256_DEPRECATEDEncryptionMethod.A256CBC_HS512_DEPRECATEDEncryptionMethod.XC20P
Supports the following content encryption algorithms for Key wrapping mode:
- Version:
- 2023-05-17
- Author:
- Alexander Martynov, Egor Puzanov
-
-
Field Summary
-
Fields inherited from class com.nimbusds.jose.crypto.impl.ECDH1PUCryptoProvider
SUPPORTED_ALGORITHMS, SUPPORTED_ENCRYPTION_METHODS
-
-
Constructor Summary
Constructors Constructor Description ECDH1PUX25519Decrypter(OctetKeyPair privateKey, OctetKeyPair publicKey)Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.ECDH1PUX25519Decrypter(OctetKeyPair privateKey, OctetKeyPair publicKey, Set<String> defCritHeaders)Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description byte[]decrypt(JWEHeader header, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag)Deprecated.byte[]decrypt(JWEHeader header, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag, byte[] aad)Decrypts the specified cipher text of aJWE Object.Set<String>getDeferredCriticalHeaderParams()Returns the names of the critical (crit) header parameters that are deferred to the application for processing and will be ignored by the JWS verifier / JWE decrypter.OctetKeyPairgetPrivateKey()Returns the private key.Set<String>getProcessedCriticalHeaderParams()Returns the names of the critical (crit) header parameters that are understood and processed by the JWS verifier / JWE decrypter.OctetKeyPairgetPublicKey()Returns the public key.Set<Curve>supportedEllipticCurves()Returns the names of the supported elliptic curves.-
Methods inherited from class com.nimbusds.jose.crypto.impl.ECDH1PUCryptoProvider
decryptWithZ, encryptWithZ, getConcatKDF, getCurve
-
Methods inherited from class com.nimbusds.jose.crypto.impl.BaseJWEProvider
getCEK, getJCAContext, isCEKProvided, supportedEncryptionMethods, supportedJWEAlgorithms
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.nimbusds.jose.jca.JCAAware
getJCAContext
-
Methods inherited from interface com.nimbusds.jose.JWEProvider
supportedEncryptionMethods, supportedJWEAlgorithms
-
-
-
-
Constructor Detail
-
ECDH1PUX25519Decrypter
public ECDH1PUX25519Decrypter(OctetKeyPair privateKey, OctetKeyPair publicKey) throws JOSEException
Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.- Parameters:
privateKey- The private key. Must not benull.publicKey- The private key. Must not benull.- Throws:
JOSEException- If the key subtype is not supported.
-
ECDH1PUX25519Decrypter
public ECDH1PUX25519Decrypter(OctetKeyPair privateKey, OctetKeyPair publicKey, Set<String> defCritHeaders) throws JOSEException
Creates a new Curve25519 Elliptic Curve Diffie-Hellman decrypter.- Parameters:
privateKey- The private key. Must not benull.publicKey- The private key. Must not benull.defCritHeaders- The names of the critical header parameters that are deferred to the application for processing, empty set ornullif none.- Throws:
JOSEException- If the key subtype is not supported.
-
-
Method Detail
-
supportedEllipticCurves
public Set<Curve> supportedEllipticCurves()
Description copied from class:ECDH1PUCryptoProviderReturns the names of the supported elliptic curves. These correspond to thecrvJWK parameter.- Specified by:
supportedEllipticCurvesin classECDH1PUCryptoProvider- Returns:
- The supported elliptic curves.
-
getPrivateKey
public OctetKeyPair getPrivateKey()
Returns the private key.- Returns:
- The private key.
-
getPublicKey
public OctetKeyPair getPublicKey()
Returns the public key.- Returns:
- The public key.
-
getProcessedCriticalHeaderParams
public Set<String> getProcessedCriticalHeaderParams()
Description copied from interface:CriticalHeaderParamsAwareReturns the names of the critical (crit) header parameters that are understood and processed by the JWS verifier / JWE decrypter.- Specified by:
getProcessedCriticalHeaderParamsin interfaceCriticalHeaderParamsAware- Returns:
- The names of the critical header parameters that are understood and processed, empty set if none.
-
getDeferredCriticalHeaderParams
public Set<String> getDeferredCriticalHeaderParams()
Description copied from interface:CriticalHeaderParamsAwareReturns the names of the critical (crit) header parameters that are deferred to the application for processing and will be ignored by the JWS verifier / JWE decrypter.- Specified by:
getDeferredCriticalHeaderParamsin interfaceCriticalHeaderParamsAware- Returns:
- The names of the critical header parameters that are deferred to the application for processing, empty set if none.
-
decrypt
@Deprecated public byte[] decrypt(JWEHeader header, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag) throws JOSEException
Deprecated.Decrypts the specified cipher text of aJWE Object.- Parameters:
header- The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not benull.encryptedKey- The encrypted key,nullif not required by the JWE algorithm.iv- The initialisation vector,nullif not required by the JWE algorithm.cipherText- The cipher text to decrypt. Must not benull.authTag- The authentication tag,nullif not required.- Returns:
- The clear text.
- Throws:
JOSEException- If the JWE algorithm or method is not supported, if a critical header parameter is not supported or marked for deferral to the application, or if decryption failed for some other reason.
-
decrypt
public byte[] decrypt(JWEHeader header, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag, byte[] aad) throws JOSEException
Description copied from interface:JWEDecrypterDecrypts the specified cipher text of aJWE Object.- Specified by:
decryptin interfaceJWEDecrypter- Parameters:
header- The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not benull.encryptedKey- The encrypted key,nullif not required by the JWE algorithm.iv- The initialisation vector,nullif not required by the JWE algorithm.cipherText- The cipher text to decrypt. Must not benull.authTag- The authentication tag,nullif not required.aad- The additional authenticated data. Must not benull.- Returns:
- The clear text.
- Throws:
JOSEException- If the JWE algorithm or method is not supported, if a critical header parameter is not supported or marked for deferral to the application, or if decryption failed for some other reason.
-
-