io.vertx.ext.auth.impl.jose

Class JWK

java.lang.Object

io.vertx.ext.auth.impl.jose.JWK

All Implemented Interfaces:

Crypto

public final class JWK
extends Object
implements Crypto

JWK https://tools.ietf.org/html/rfc7517

In a nutshell a JWK is a Key(Pair) encoded as JSON. This implementation follows the spec with some limitations:

* Supported algorithms are: "PS256", "PS384", "PS512", "RS256", "RS384", "RS512", "ES256", "ES256K", "ES384", "ES512", "HS256", "HS384", "HS512"

When working with COSE, then "RS1" is also a valid algorithm.

The rationale for this choice is to support the required algorithms for JWT.

The constructor takes a single JWK (the the KeySet) or a PEM encoded pair (used by Google and useful for importing standard PEM files from OpenSSL).

Certificate chains (x5c) are allowed and verified, certificate urls and fingerprints are not considered.

Author:

Paulo Lopes

Field Summary

Fields

Modifier and Type	Field and Description
static int	USE_ENC
static int	USE_SIG

Constructor Summary

Constructors

Constructor and Description
JWK(JsonObject json)
JWK(PubSecKeyOptions options) Creates a Key(Pair) from pem formatted strings.

Method Summary

Modifier and Type	Method and Description
String	getAlgorithm()
String	getId() The key id or null.
String	getLabel() A not null label for the key, labels are the same for same algorithm, kid objects but not necessarily different internal keys/certificates
Mac	getMac()
PrivateKey	getPrivateKey()
PublicKey	getPublicKey()
Signature	getSignature()
String	getType()
int	getUse()
boolean	isFor(int use)
static List<JWK>	load(KeyStore keyStore, String keyStorePassword, Map<String,String> passwordProtection)
byte[]	sign(byte[] payload)
boolean	verify(byte[] expected, byte[] payload)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

USE_SIG

public static final int USE_SIG

See Also:

Constant Field Values

USE_ENC

public static final int USE_ENC

See Also:

Constant Field Values

Constructor Detail

JWK

public JWK(PubSecKeyOptions options)

Creates a Key(Pair) from pem formatted strings.

Parameters:

options - PEM pub sec key options.

JWK

public JWK(JsonObject json)

Method Detail

load

public static List<JWK> load(KeyStore keyStore,
                             String keyStorePassword,
                             Map<String,String> passwordProtection)

getAlgorithm

public String getAlgorithm()

getId

public String getId()

Description copied from interface: Crypto

The key id or null.

Specified by:

getId in interface Crypto

sign

public byte[] sign(byte[] payload)

Specified by:

sign in interface Crypto

verify

public boolean verify(byte[] expected,
                      byte[] payload)

Specified by:

verify in interface Crypto

isFor

public boolean isFor(int use)

getUse

public int getUse()

getLabel

public String getLabel()

Description copied from interface: Crypto

A not null label for the key, labels are the same for same algorithm, kid objects but not necessarily different internal keys/certificates

Specified by:

getLabel in interface Crypto

getType

public String getType()

getSignature

public Signature getSignature()

getMac

public Mac getMac()

getPublicKey

public PublicKey getPublicKey()

getPrivateKey

public PrivateKey getPrivateKey()