Module io.inverno.mod.security.jose
Package io.inverno.mod.security.jose.jwk

Interface JWK

All Known Subinterfaces:
AsymmetricJWK<A,B>, ECJWK, EdECJWK, OCTJWK, OKPJWK<A,B>, PBES2JWK, RSAJWK, SymmetricJWK, X509JWK<A,B>, XECJWK
public interface JWK

A JSON Web Key as defined by RFC7517.

Since:
1.5
Author:
Jeremy Kuhn

  • Field Details

  • Method Details

    • getKeyType

      String getKeyType()

      Returns the key type.

      Returns:
      the key type

    • getPublicKeyUse

      String getPublicKeyUse()

      Returns the public key use.

      Returns:
      the public key use

    • getKeyOperations

      Set<String> getKeyOperations()

      Returns the set of key operations.

      Returns:
      the set of key operations

    • getAlgorithm

      String getAlgorithm()

      Returns the algorithm intended for use with the key.

      Returns:
      the key algorithm

    • getKeyId

      String getKeyId()

      Returns the key id.

      Returns:
      the key id

    • isTrusted

      boolean isTrusted()

      Determines whether this key is trusted.

      Untrusted keys are typically resolved from unsecured JOSE headers (e.g. no x5c, no x5u...), the are excluded when reading a JOSE object for obvious security reasons.

      Implementations can rely on trust stores or certificate paths validation to determine whether a key is trusted. It is also possible to explicitly trust a key by invoking the trust(). method.

      Returns:
      true if the key is trusted, false otherwise.

    • trust

      JWK trust()

      Trusts the key explicitly.

      This should be used with care when the authenticity of an untrusted key has been established through external means.

      Returns:
      this JWK

    • toPublicJWK

      JWK toPublicJWK()

      Returns a public and safe to share representation of the key.

      Returns:
      a public representation of this JWK

    • minify

      JWK minify()

      Returns a minified representation of the key only containing required data.

      Note that the returned JWK may contain private data.

      Returns:
      a minified representation of this JWK

    • toJWKThumbprint

      default String toJWKThumbprint()

      Generates and returns the JWK thumbprint using the defaul digest.

      Returns:
      the JWK thumbprint

    • toJWKThumbprint

      String toJWKThumbprint(MessageDigest digest)

      Generates and returns the JWK thumbprint using the specified digest.

      Parameters:
      digest - the message digest to use
      Returns:
      the JWK thumbprint

    • supportsAlgorithm

      boolean supportsAlgorithm(String alg)

      Determines whether the JWK supports the specified JWA algorithm.

      Parameters:
      alg - a JWA algorithm
      Returns:
      true if the algorithm is supported, false otherwise

    • signer

      JWASigner signer() throws JWKProcessingException

      Returns a signer using this JWK.

      Returns:
      a signer
      Throws:
      JWKProcessingException - if the JWK does not support signature operations (i.e. missing algorithm, algorithm is not a signature algorithm...)

    • signer

      JWASigner signer(String alg) throws JWKProcessingException

      Returns a signer using this JWK and the specified algorithm.

      Parameters:
      alg - a JWA signature algorithm
      Returns:
      a signer
      Throws:
      JWKProcessingException - if the JWK does not support signature operations or if the specified algorithm is not a supported signature algorithm

    • cipher

      JWACipher cipher() throws JWKProcessingException

      Returns a cipher using this JWK.

      Returns:
      a cipher
      Throws:
      JWKProcessingException - if the JWK does not support encryption operations (i.e. missing algorithm, algorithm is not an encryption algorithm...)

    • cipher

      JWACipher cipher(String alg) throws JWKProcessingException

      Returns a cipher using this JWK and the specified algorithm.

      Parameters:
      alg - a JWA encryption algorithm
      Returns:
      a cipher
      Throws:
      JWKProcessingException - if the JWK does not support encryption operations or if the specified algorithm is not a supported encryption algorithm

    • keyManager

      JWAKeyManager keyManager() throws JWKProcessingException

      Returns a key manager using this JWK.

      Returns:
      a key manager
      Throws:
      JWKProcessingException - if the JWK does not support key management operations (i.e. missing algorithm, algorithm is not a key management algorithm...)

    • keyManager

      JWAKeyManager keyManager(String alg) throws JWKProcessingException

      Returns a key manager using this JWK and the specified algorithm.

      Parameters:
      alg - a JWA key management algorithm
      Returns:
      a key manager
      Throws:
      JWKProcessingException - if the JWK does not support key management operations or if the specified algorithm is not a supported key management algorithm

    • hashCode

      int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      boolean equals(Object obj)
      Overrides:
      equals in class Object