Package org.forgerock.json.jose.jws
Enum Class SupportedEllipticCurve
- All Implemented Interfaces:
Serializable
,Comparable<SupportedEllipticCurve>
,Constable
Enumerates all supported elliptic curve parameters for ESXXX signature formats.
-
Nested Class Summary
Nested classes/interfaces inherited from class java.lang.Enum
Enum.EnumDesc<E extends Enum<E>>
-
Enum Constant Summary
Enum ConstantDescriptionThe Ed25519 curve used for EdDSA signatures.The Ed448 curve used for EdDSA signatures.NIST P-256.NIST P-384.NIST P-521.Curve25519 when used for ECDH-ES key agreement (X25519).Curve448 when used for ECDH-ES key agreement (X448). -
Method Summary
Modifier and TypeMethodDescriptionstatic SupportedEllipticCurve
Determines the standard curve that matches the given (private or public) key.static SupportedEllipticCurve
Determines the standard curve that matches the given (private or public) key.static SupportedEllipticCurve
Returns the curve parameters for the given standard curve name (crv claim in a JWK).static SupportedEllipticCurve
forSignature
(byte[] signature) Determines the supported curve parameters for the given ECDSA signature.static SupportedEllipticCurve
forSignature
(byte[] signature, JwsAlgorithmType type) Determines the supported curve parameters for the given signature.Returns the type of JWK that is used for this elliptic curve.Returns the JwsAlgorithm that corresponds to this elliptic curve.Determines the Java KeyAgreement algorithm to use for this curve.Determines the Java KeyPairGenerator algorithm to use for this curve.Returns the parameters for the given elliptic curve.int
Returns the size of the signature produced by this curve in octets.Return the name of the curve as used for the "crv" claim in a JWK.boolean
Determines whether this curve is intended for use with X-Diffie-Hellman (XDH) key agreement (X25519 or X448).toString()
boolean
Validates that the given public key is on this curve.static SupportedEllipticCurve
Returns the enum constant of this class with the specified name.static SupportedEllipticCurve[]
values()
Returns an array containing the constants of this enum class, in the order they are declared.
-
Enum Constant Details
-
P256
NIST P-256. -
P384
NIST P-384. -
P521
NIST P-521. Please note that this is not a typo: ES512 uses curve P-521, which produces a 132-octet signature value. -
X25519
Curve25519 when used for ECDH-ES key agreement (X25519). -
X448
Curve448 when used for ECDH-ES key agreement (X448). -
ED25519
The Ed25519 curve used for EdDSA signatures. -
ED448
The Ed448 curve used for EdDSA signatures.
-
-
Method Details
-
values
Returns an array containing the constants of this enum class, in the order they are declared.- Returns:
- an array containing the constants of this enum class, in the order they are declared
-
valueOf
Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)- Parameters:
name
- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
IllegalArgumentException
- if this enum class has no constant with the specified nameNullPointerException
- if the argument is null
-
getParameters
Returns the parameters for the given elliptic curve.- Returns:
- the elliptic curve algorithm parameters.
-
getStandardName
Return the name of the curve as used for the "crv" claim in a JWK.- Returns:
- the standard JWA name for the curve.
-
getSignatureSize
public int getSignatureSize()Returns the size of the signature produced by this curve in octets.- Returns:
- the number of octets (bytes) required to hold a signature of this curve.
-
getJwsAlgorithm
Returns the JwsAlgorithm that corresponds to this elliptic curve.- Returns:
- the corresponding JwsAlgorithm.
-
toString
- Overrides:
toString
in classEnum<SupportedEllipticCurve>
-
forName
Returns the curve parameters for the given standard curve name (crv claim in a JWK).- Parameters:
curveName
- the curve name.- Returns:
- the curve parameters for the name.
- Throws:
IllegalArgumentException
- if the curve name is not supported.
-
forKey
Determines the standard curve that matches the given (private or public) key. This is done by comparing the key parameters for an exact match against one of the standard curves. All parameters much match for a match to succeed.- Parameters:
key
- the private or public key to determine the curve for.use
- the intended use of the curve.- Returns:
- the matching supported curve parameters.
- Throws:
IllegalArgumentException
- if the key does not match any supported curve parameters.
-
forKey
Determines the standard curve that matches the given (private or public) key. This is done by comparing the key parameters for an exact match against one of the standard curves. All parameters much match for a match to succeed. Any curve suitable for encryption (key agreement) will be returned.- Parameters:
key
- the private or public key to determine the curve for.- Returns:
- the matching supported curve parameters.
- Throws:
IllegalArgumentException
- if the key does not match any supported curve parameters.
-
forSignature
Determines the supported curve parameters for the given signature. This is done purely based on the length of the signature and the behaviour is not specified if multiple curves could have produced this signature.- Parameters:
signature
- the signature to match.type
- the type of signature.- Returns:
- the curve that produced this signature.
- Throws:
IllegalArgumentException
- if the signature does not match any supported curve parameters.
-
forSignature
Determines the supported curve parameters for the given ECDSA signature. This is done purely based on the length of the signature and the behaviour is not specified if multiple curves could have produced this signature.- Parameters:
signature
- the signature to match.- Returns:
- the curve that produced this signature.
- Throws:
IllegalArgumentException
- if the signature does not match any supported curve parameters.
-
getJwkType
Returns the type of JWK that is used for this elliptic curve. The NIST prime-order standard curves use EcJWKs, while the newer X25519/X448 and related curves use OkpJWKs.- Returns:
- either OKP or EC depending on the type of elliptic curve.
-
validate
Validates that the given public key is on this curve.- Parameters:
publicKey
- the public key to validate.- Returns:
- true if the public key represents a valid point on this curve, otherwise false.
-
getKeyAgreementAlgorithm
Determines the Java KeyAgreement algorithm to use for this curve.- Returns:
- the key agreement algorithm to use with this curve or
null
if this curve is not intended for key agreement.
-
getKeyGenerationAlgorithm
Determines the Java KeyPairGenerator algorithm to use for this curve.- Returns:
- the key generation algorithm to use for this curve.
-
isXDHCurve
public boolean isXDHCurve()Determines whether this curve is intended for use with X-Diffie-Hellman (XDH) key agreement (X25519 or X448). This is an efficient variant on ECDH implemented by modern curves.- Returns:
- whether this curve is intended for XDH key agreement.
-