Package org.forgerock.json.jose.jwk

Class OkpJWK

    • Method Detail

      • builder

        public static OkpJWK.Builder builder()
        Creates a new builder object for an OKP key.
        Returns:
        the builder object.

      • getX

        public String getX()
        Returns the x-coordinate that forms the public key.
        Returns:
        the public key x-coordinate.

      • getD

        public String getD()
        Returns the private key d value.
        Returns:
        the private key d value.

      • parse

        public static OkpJWK parse​(JsonValue json)
        Parses a JWK from a JsonValue json object.
        Parameters:
        json - JsonValue json object
        Returns:
        a OctJWK object

      • toJsonValue

        public JsonValue toJsonValue()
        Description copied from class: JWK
        Returns a json representation of the JWK.
        Overrides:
        toJsonValue in class JWK
        Returns:
        A JSON representation.

      • isPrivate

        public boolean isPrivate()
        Description copied from class: JWK
        Indicates if any private key attributes are present in the JWK.
        Overrides:
        isPrivate in class JWK
        Returns:
        true if this JWK contains any private key attributes.

      • getPublicJwkBuilder

        protected Optional<JWK.Builder<?>> getPublicJwkBuilder()
        Description copied from class: JWK
        Return a builder with all the values set for representing the public components of the JWK. Common JWK attributes will be added in JWK.toPublicJwk().
        Specified by:
        getPublicJwkBuilder in class JWK
        Returns:
        The builder.

      • toPrivateKey

        public PrivateKey toPrivateKey()
        Converts the JWK to a private key object.
        Returns:
        the equivalent private key object.

      • toXECPublicKey

        public PublicKey toXECPublicKey()
        Converts the JWK to a Java 11 XECPublicKey instance. If using Java prior to Java 11 then this returns null.
        Returns:
        the XECPublicKey corresponding to this JWK.

      • toXECKeyPair

        public KeyPair toXECKeyPair()
        Returns a KeyPair object containing the XECPrivateKey and XECPublicKey for this JWK. Only supported in Java 11+. On earlier Java versions it will return a pair of null keys.
        Returns:
        the XEC key pair.

      • toECPublicKey

        public ECPublicKey toECPublicKey()
        Description copied from interface: EllipticCurveJwk
        Converts the public claims in the JWK into a public key object. This method is only compatible with EcJWKs and will throw an exception if called on an OkpJWK.
        Specified by:
        toECPublicKey in interface EllipticCurveJwk
        Returns:
        the public key.

      • toPublicKey

        public PublicKey toPublicKey()
        Description copied from interface: EllipticCurveJwk
        Converts the public claims in the JWK into a public key. Note that the public key returned may not be an ECPublicKey. For instance, on Java 11 an OkpJWK may return a XECPrivateKey.
        Specified by:
        toPublicKey in interface EllipticCurveJwk
        Returns:
        the public key.

      • isPublicKeyValid

        public boolean isPublicKeyValid()
        Determines whether the public key is valid. Currently for Curve25519, we blacklist all the points of small-order given by https://cr.yp.to/ecdh.html#validate.
        Specified by:
        isPublicKeyValid in interface EllipticCurveJwk
        Returns:
        true if the public key is a valid point on the curve.

      • toKeyPair

        public KeyPair toKeyPair()
        Converts the JWK to a key-pair.
        Specified by:
        toKeyPair in interface EllipticCurveJwk
        Returns:
        the key-pair equivalent to this JWK.

      • generateKeyPair

        public static OkpJWK generateKeyPair​(SupportedEllipticCurve curve)
        Generates a fresh OKP JWK with both public and private claims on the given curve.
        Parameters:
        curve - The curve to generate the key pair on.
        Returns:
        the freshly generated JWK.