Package org.forgerock.json.jose.jwk

Class OkpJWK

java.lang.Object
org.forgerock.json.jose.jwk.JWK
org.forgerock.json.jose.jwk.OkpJWK
All Implemented Interfaces:
EllipticCurveJwk
public class OkpJWK extends JWK implements EllipticCurveJwk
An Octet Key-Pair (OKP) JWK as defined in RFC 8037.

  • Method Details

    • builder

      public static OkpJWK.Builder builder()
      Creates a new builder object for an OKP key.
      Returns:
      the builder object.

    • getEllipticCurve

      public SupportedEllipticCurve getEllipticCurve()
      The supported elliptic curve that this key is on.
      Specified by:
      getEllipticCurve in interface EllipticCurveJwk
      Returns:
      the curve.

    • getX

      public String getX()
      Returns the x-coordinate that forms the public key.
      Returns:
      the public key x-coordinate.

    • getD

      public String getD()
      Returns the private key d value.
      Returns:
      the private key d value.

    • parse

      public static OkpJWK parse(JsonValue json)
      Parses a JWK from a JsonValue json object.
      Parameters:
      json - JsonValue json object
      Returns:
      a OctJWK object

    • toJsonValue

      public JsonValue toJsonValue()
      Description copied from class: JWK
      Returns a json representation of the JWK.
      Overrides:
      toJsonValue in class JWK
      Returns:
      A JSON representation.

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • isPrivate

      public boolean isPrivate()
      Description copied from class: JWK
      Indicates if any private key attributes are present in the JWK.
      Overrides:
      isPrivate in class JWK
      Returns:
      true if this JWK contains any private key attributes.

    • getPublicJwkBuilder

      protected Optional<JWK.Builder<?>> getPublicJwkBuilder()
      Description copied from class: JWK
      Return a builder with all the values set for representing the public components of the JWK. Common JWK attributes will be added in JWK.toPublicJwk().
      Specified by:
      getPublicJwkBuilder in class JWK
      Returns:
      The builder.

    • toPrivateKey

      public PrivateKey toPrivateKey()
      Converts the JWK to a private key object.
      Returns:
      the equivalent private key object.

    • toXECPublicKey

      public PublicKey toXECPublicKey()
      Converts the JWK to a Java 11 XECPublicKey instance. If using Java prior to Java 11 then this returns null.
      Returns:
      the XECPublicKey corresponding to this JWK.

    • toXECKeyPair

      public KeyPair toXECKeyPair()
      Returns a KeyPair object containing the XECPrivateKey and XECPublicKey for this JWK. Only supported in Java 11+. On earlier Java versions it will return a pair of null keys.
      Returns:
      the XEC key pair.

    • toECPublicKey

      public ECPublicKey toECPublicKey()
      Description copied from interface: EllipticCurveJwk
      Converts the public claims in the JWK into a public key object. This method is only compatible with EcJWKs and will throw an exception if called on an OkpJWK.
      Specified by:
      toECPublicKey in interface EllipticCurveJwk
      Returns:
      the public key.

    • toPublicKey

      public PublicKey toPublicKey()
      Description copied from interface: EllipticCurveJwk
      Converts the public claims in the JWK into a public key. Note that the public key returned may not be an ECPublicKey. For instance, on Java 11 an OkpJWK may return a XECPrivateKey.
      Specified by:
      toPublicKey in interface EllipticCurveJwk
      Returns:
      the public key.

    • isPublicKeyValid

      public boolean isPublicKeyValid()
      Determines whether the public key is valid. Currently for Curve25519, we blacklist all the points of small-order given by https://cr.yp.to/ecdh.html#validate.
      Specified by:
      isPublicKeyValid in interface EllipticCurveJwk
      Returns:
      true if the public key is a valid point on the curve.

    • toKeyPair

      public KeyPair toKeyPair()
      Converts the JWK to a key-pair.
      Specified by:
      toKeyPair in interface EllipticCurveJwk
      Returns:
      the key-pair equivalent to this JWK.

    • generateKeyPair

      public static OkpJWK generateKeyPair(SupportedEllipticCurve curve)
      Generates a fresh OKP JWK with both public and private claims on the given curve.
      Parameters:
      curve - The curve to generate the key pair on.
      Returns:
      the freshly generated JWK.