Uses of Class org.forgerock.secrets.keys.CryptoKey (IG Aggregated Javadoc 2024.9.0 Documentation)

Provides a SecretStore implementation that loads secrets from a Common Configuration PropertyResolver and then decodes it with a SecretPropertyFormat.

Uses of CryptoKey in org.forgerock.json.jose.jwe

Methods in org.forgerock.json.jose.jwe that return types with arguments of type CryptoKey

Modifier and Type

Method

Description

Purpose<? extends CryptoKey>

JweAlgorithm.getDecryptionPurpose(String label)

Returns a Purpose that can be used to retrieve keys that are suitable for decryption with this JWE algorithm.

Purpose<? extends CryptoKey>

JweAlgorithmType.getDecryptionPurpose(String label)

Returns a Purpose that can be used to retrieve keys that are suitable for decryption with this type of JWE algorithm.

Purpose<? extends CryptoKey>

JweAlgorithm.getEncryptionPurpose(String label)

Returns a Purpose that can be used to retrieve keys that are suitable for encryption with this JWE algorithm.

Purpose<? extends CryptoKey>

JweAlgorithmType.getEncryptionPurpose(String label)

Returns a Purpose that can be used to retrieve keys that are suitable for encryption with this type of JWE algorithm.

Method parameters in org.forgerock.json.jose.jwe with type arguments of type CryptoKey

Modifier and Type

Method

Description

Promise<? extends EncryptedJwt,JweDecryptionCheckedException>

EncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)

Attempts to decrypt the JWT using any available keys for the given Purpose from the given SecretsProvider.

Promise<? extends EncryptedJwt,JweDecryptionCheckedException>

EncryptedJwt.decrypt(ValidSecretsReference<? extends CryptoKey,NeverThrowsException> secretsReference)

Attempts to decrypt the JWT using any available keys from the given ValidSecretsReference.

Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>

SignedThenEncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)

Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>

SignedThenEncryptedJwt.decrypt(ValidSecretsReference<? extends CryptoKey,NeverThrowsException> validSecretsReference)

Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>

SignedThenEncryptedJwt.decryptAndVerify(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose, Purpose<VerificationKey> verificationPurpose)

Decrypts the outer JWT and then verifies the signature on the inner JWT using secrets from the supplied SecretsProvider.

Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>

SignedThenEncryptedJwt.decryptAndVerify(ValidSecretsReference<? extends CryptoKey,NeverThrowsException> decryptionSecretsReference, ValidSecretsReference<VerificationKey,NeverThrowsException> verificationSecretsReference)

Decrypts the outer JWT and then verifies the signature on the inner JWT using supplied valid secrets.

Promise<byte[],JweDecryptionCheckedException>

EncryptedJwt.decryptRawPayload(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)

Attempts to decrypt the raw payload of the JWT using any keys from the given SecretsProvider that satisfy the supplied Purpose.

Promise<byte[],JweDecryptionCheckedException>

EncryptedJwt.decryptRawPayload(ValidSecretsReference<? extends CryptoKey,NeverThrowsException> secretsReference)

Attempts to decrypt the raw payload of the JWT using any keys from the given the Secrets contained in the given ValidSecretsReference.
Uses of CryptoKey in org.forgerock.json.jose.jwk

Methods in org.forgerock.json.jose.jwk with type parameters of type CryptoKey

Modifier and Type

Method

Description

<T extends CryptoKey> T

JWK.toCryptoKey(Purpose<T> purpose, Instant expiry)

Converts this JWK into a CryptoKey subclass object for use with the Secrets API.
Uses of CryptoKey in org.forgerock.json.jose.jws

Method parameters in org.forgerock.json.jose.jws with type arguments of type CryptoKey

Modifier and Type

Method

Description

Promise<? extends EncryptedJwt,JweDecryptionCheckedException>

EncryptedThenSignedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose)

Decrypts the inner encrypted JWE so that the payload can be accessed.

Promise<? extends EncryptedJwt,JweDecryptionCheckedException>

EncryptedThenSignedJwt.decrypt(ValidSecretsReference<? extends CryptoKey,NeverThrowsException> secretsReference)

Decrypts the inner encrypted JWE so that the payload can be accessed.
Uses of CryptoKey in org.forgerock.json.jose.tokenhandler

Method parameters in org.forgerock.json.jose.tokenhandler with type arguments of type CryptoKey

Modifier and Type

Method

Description

SecretsJwtTokenHandler.Builder

SecretsJwtTokenHandler.Builder.decryptionPurpose(Purpose<? extends CryptoKey> decryptionKeyPurpose)

Specifies the Purpose used to retrieve decryption keys from the secrets provider.

SecretsJwtTokenHandler.Builder

SecretsJwtTokenHandler.Builder.encryptionPurpose(Purpose<? extends CryptoKey> encryptionKeyPurpose)

Specifies the Purpose used to retrieve encryption keys from the secrets provider.
Uses of CryptoKey in org.forgerock.json.jose.utils

Methods in org.forgerock.json.jose.utils that return types with arguments of type CryptoKey

Modifier and Type

Method

Description

static SecretConstraint<CryptoKey>

JoseSecretConstraints.allowedAlgorithm(Algorithm algorithm)

Enforces that the key is allowed to be used with the given JWA algorithm.

Methods in org.forgerock.json.jose.utils with parameters of type CryptoKey

Modifier and Type

Method

Description

static void

Utils.checkRsaKeySize(CryptoKey key)

Verifies that the RSA key being used meets minimum key size requirement of 2048 bits as specified in the JOSE specifications.
Uses of CryptoKey in org.forgerock.openig.secrets

Methods in org.forgerock.openig.secrets that return types with arguments of type CryptoKey

Modifier and Type

Method

Description

static SecretConstraint<CryptoKey>

SecretsUtils.allowedKeyType(KeyType expected)

Enforce that a CryptoKey satisfies the given key type constraint.
Uses of CryptoKey in org.forgerock.openig.tools.secrets

Methods in org.forgerock.openig.tools.secrets with type parameters of type CryptoKey

Modifier and Type

Method

Description

<S extends CryptoKey> Promise<Stream<S>,NeverThrowsException>

GenericWrapperSecretStore.getValid(Purpose<S> purpose)

Methods in org.forgerock.openig.tools.secrets that return types with arguments of type CryptoKey

Modifier and Type

Method

Description

Class<CryptoKey>

GenericWrapperSecretStore.getStoredType()
Uses of CryptoKey in org.forgerock.secrets

Methods in org.forgerock.secrets with type parameters of type CryptoKey

Modifier and Type

Method

Description

<T extends CryptoKey> KeyStore

SecretsProvider.asKeyStore(Purpose<T> purpose)

Returns a view of this secrets provider as a keystore for the given purpose.

Methods in org.forgerock.secrets that return types with arguments of type CryptoKey

Modifier and Type

Method

Description

static SecretConstraint<CryptoKey>

SecretConstraint.allowedAlgorithm(String algorithm)

Enforces that the key is allowed to be used with the given algorithm.

static SecretConstraint<CryptoKey>

SecretConstraint.allowedKeyUsages(Set<KeyUsage> keyUsages)

Enforces that the key satisfies at least one of the given key usage constraints.

static SecretConstraint<CryptoKey>

SecretConstraint.allowedKeyUsages(KeyUsage first, KeyUsage... rest)

Enforces that the key satisfies at least one of the given key usage constraints.

static SecretConstraint<CryptoKey>

SecretConstraint.ellipticCurveKeyParameters(ECParameterSpec requiredParameters)

Enforces that the key is an elliptic curve key with the given parameters.

static SecretConstraint<CryptoKey>

SecretConstraint.keyAlgorithm(String keyAlgorithm)

Enforces a particular key algorithm (case insensitive).

static SecretConstraint<CryptoKey>

SecretConstraint.requiredKeyUsages(Set<KeyUsage> keyUsages)

Enforces that the key satisfies all of the given key usage constraints.

static SecretConstraint<CryptoKey>

SecretConstraint.requiredKeyUsages(KeyUsage first, KeyUsage... rest)

Enforces that the key satisfies all of the given key usage constraints.

Method parameters in org.forgerock.secrets with type arguments of type CryptoKey

Modifier and Type

Method

Description

KeyStore

SecretsProvider.asKeyStore(Set<Purpose<? extends CryptoKey>> purposes)

Returns a view of this secrets provider as a keystore for the given purposes.

X509ExtendedKeyManager

SecretsProvider.getKeyManager(Set<Purpose<? extends CryptoKey>> purposes, Options options)

Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.

X509ExtendedKeyManager

SecretsProvider.getKeyManager(Purpose<? extends CryptoKey> purpose)

Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.

X509ExtendedKeyManager

SecretsProvider.getKeyManager(Purpose<? extends CryptoKey> purpose, Options options)

Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.

SecretsTrustManager

SecretsProvider.getTrustManager(Set<Purpose<? extends CryptoKey>> purposes, Options options)

Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purposes.

SecretsTrustManager

SecretsProvider.getTrustManager(Purpose<? extends CryptoKey> purpose)

Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purpose.

SecretsTrustManager

SecretsProvider.getTrustManager(Purpose<? extends CryptoKey> purpose, Options options)

Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purpose.

Constructor parameters in org.forgerock.secrets with type arguments of type CryptoKey

Modifier

Constructor

Description

SecretsLoadStoreParameter(SecretsProvider secretsProvider, Set<Purpose<? extends CryptoKey>> purposes, Clock clock)

Initialises the keystore with the given secrets API objects.

SecretsLoadStoreParameter(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose, Clock clock)

Initialises the keystore with the given secrets API objects.
Uses of CryptoKey in org.forgerock.secrets.jwkset

Methods in org.forgerock.secrets.jwkset with type parameters of type CryptoKey

Modifier and Type

Method

Description

<S extends CryptoKey> Promise<S,NoSuchSecretException>

JwkSetSecretStore.getNamed(Purpose<S> purpose, String name)

<S extends CryptoKey> Promise<Stream<S>,NeverThrowsException>

JwkSetSecretStore.getValid(Purpose<S> purpose)

Methods in org.forgerock.secrets.jwkset that return types with arguments of type CryptoKey

Modifier and Type

Method

Description

Class<CryptoKey>

JwkSetSecretStore.getStoredType()

Methods in org.forgerock.secrets.jwkset with parameters of type CryptoKey

Modifier and Type

Method

Description

JWK

JwkKeyFormat.export(CryptoKey key, Key rawKey)
Uses of CryptoKey in org.forgerock.secrets.keys

Classes in org.forgerock.secrets.keys with type parameters of type CryptoKey

Modifier and Type

Interface

Description

interface

DecryptionKey<T extends CryptoKey>

Marker interface for all key types that can be used for decryption.

interface

EncryptionKey<T extends CryptoKey>

Marker interface for all key types that can be used for encryption.

Subclasses of CryptoKey in org.forgerock.secrets.keys

Modifier and Type

Class

Description

class

CertificateVerificationKey

A key used for verifying certificate signatures.

class

DataDecryptionKey

A key that is used for decrypting confidential data.

class

DataEncryptionKey

A key that is used for encrypting confidential data.

class

KeyAgreementKey

A key that is used in a key-agreement protocol (such as Diffie-Hellman) to agree another key.

class

KeyDecryptionKey

A key that is used to decrypt (or "unwrap") other keys that have been encrypted with a KeyEncryptionKey.

class

KeyEncryptionKey

A key that is used to encrypt ("wrap") other keys.

class

SigningKey

A key that is used for signing digital signatures.

class

VerificationKey

A key used for verifying digital signatures.

Methods in org.forgerock.secrets.keys that return types with arguments of type CryptoKey

Modifier and Type

Method

Description

Class<? extends CryptoKey>

KeyUsage.getKeyType()

The key type corresponding to this key usage.

Methods in org.forgerock.secrets.keys with parameters of type CryptoKey

Modifier and Type

Method

Description

T

KeyFormat.export(CryptoKey key, Key rawKey)

Exports the given crypto key and raw key material.

String

KeyFormatPem.export(CryptoKey key, Key rawKey)

Key

KeyFormatRaw.export(CryptoKey key, Key rawKey)

Method parameters in org.forgerock.secrets.keys with type arguments of type CryptoKey

Modifier and Type

Method

Description

static EnumSet<KeyUsage>

KeyUsage.forKeyType(Class<? extends CryptoKey> keyType)

Returns the set of all key usages that are applicable to the given key type.
Uses of CryptoKey in org.forgerock.secrets.propertyresolver

Constructor parameters in org.forgerock.secrets.propertyresolver with type arguments of type CryptoKey

Modifier

Constructor

Description

JwtWrappedPropertyFormat(SecretPropertyFormat format, ValidSecretsReference<? extends CryptoKey,NeverThrowsException> validSecretsReference)

Constructs a new JwtWrappedPropertyFormat.

Uses of Classorg.forgerock.secrets.keys.CryptoKey

Uses of CryptoKey in org.forgerock.json.jose.jwe

Uses of CryptoKey in org.forgerock.json.jose.jwk

Uses of CryptoKey in org.forgerock.json.jose.jws

Uses of CryptoKey in org.forgerock.json.jose.tokenhandler

Uses of CryptoKey in org.forgerock.json.jose.utils

Uses of CryptoKey in org.forgerock.openig.secrets

Uses of CryptoKey in org.forgerock.openig.tools.secrets

Uses of CryptoKey in org.forgerock.secrets

Uses of CryptoKey in org.forgerock.secrets.jwkset

Uses of CryptoKey in org.forgerock.secrets.keys

Uses of CryptoKey in org.forgerock.secrets.propertyresolver

Uses of Class
org.forgerock.secrets.keys.CryptoKey