Package com.nimbusds.jose.crypto
Class ECDHEncrypter
- java.lang.Object
-
- com.nimbusds.jose.crypto.impl.BaseJWEProvider
-
- com.nimbusds.jose.crypto.impl.ECDHCryptoProvider
-
- com.nimbusds.jose.crypto.ECDHEncrypter
-
- All Implemented Interfaces:
JCAAware<JWEJCAContext>,JOSEProvider,JWEEncrypter,JWEProvider
@ThreadSafe public class ECDHEncrypter extends ECDHCryptoProvider implements JWEEncrypter
Elliptic Curve Diffie-Hellman encrypter ofJWE objectsfor curves using EC JWK keys. Expects a public EC key (with a P-256, P-384 or P-521 curve).See RFC 7518 section 4.6 for more information.
For Curve25519/X25519, see
X25519Encrypterinstead.This class is thread-safe.
Supports the following key management algorithms:
JWEAlgorithm.ECDH_ESJWEAlgorithm.ECDH_ES_A128KWJWEAlgorithm.ECDH_ES_A192KWJWEAlgorithm.ECDH_ES_A256KW
Supports the following elliptic curves:
Supports the following content encryption algorithms:
- Version:
- 2023-05-17
- Author:
- Tim McLean, Vladimir Dzhuvinov, Fernando González Callejas, Egor Puzanov
-
-
Field Summary
Fields Modifier and Type Field Description static Set<Curve>SUPPORTED_ELLIPTIC_CURVESThe supported EC JWK curves by the ECDH crypto provider class.-
Fields inherited from class com.nimbusds.jose.crypto.impl.ECDHCryptoProvider
SUPPORTED_ALGORITHMS, SUPPORTED_ENCRYPTION_METHODS
-
-
Constructor Summary
Constructors Constructor Description ECDHEncrypter(ECKey ecJWK)Creates a new Elliptic Curve Diffie-Hellman encrypter.ECDHEncrypter(ECPublicKey publicKey)Creates a new Elliptic Curve Diffie-Hellman encrypter.ECDHEncrypter(ECPublicKey publicKey, SecretKey contentEncryptionKey)Creates a new Elliptic Curve Diffie-Hellman encrypter with an optionally specified content encryption key (CEK).
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description JWECryptoPartsencrypt(JWEHeader header, byte[] clearText)Deprecated.JWECryptoPartsencrypt(JWEHeader header, byte[] clearText, byte[] aad)Encrypts the specified clear text of aJWE object.ECPublicKeygetPublicKey()Returns the public EC key.Set<Curve>supportedEllipticCurves()Returns the names of the supported elliptic curves.-
Methods inherited from class com.nimbusds.jose.crypto.impl.ECDHCryptoProvider
decryptWithZ, encryptWithZ, getConcatKDF, getCurve
-
Methods inherited from class com.nimbusds.jose.crypto.impl.BaseJWEProvider
getCEK, getJCAContext, isCEKProvided, supportedEncryptionMethods, supportedJWEAlgorithms
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.nimbusds.jose.jca.JCAAware
getJCAContext
-
Methods inherited from interface com.nimbusds.jose.JWEProvider
supportedEncryptionMethods, supportedJWEAlgorithms
-
-
-
-
Field Detail
-
SUPPORTED_ELLIPTIC_CURVES
public static final Set<Curve> SUPPORTED_ELLIPTIC_CURVES
The supported EC JWK curves by the ECDH crypto provider class.
-
-
Constructor Detail
-
ECDHEncrypter
public ECDHEncrypter(ECPublicKey publicKey) throws JOSEException
Creates a new Elliptic Curve Diffie-Hellman encrypter.- Parameters:
publicKey- The public EC key. Must not benull.- Throws:
JOSEException- If the elliptic curve is not supported.
-
ECDHEncrypter
public ECDHEncrypter(ECKey ecJWK) throws JOSEException
Creates a new Elliptic Curve Diffie-Hellman encrypter.- Parameters:
ecJWK- The EC JSON Web Key (JWK). Must not benull.- Throws:
JOSEException- If the elliptic curve is not supported.
-
ECDHEncrypter
public ECDHEncrypter(ECPublicKey publicKey, SecretKey contentEncryptionKey) throws JOSEException
Creates a new Elliptic Curve Diffie-Hellman encrypter with an optionally specified content encryption key (CEK).- Parameters:
publicKey- The public EC key. Must not benull.contentEncryptionKey- The content encryption key (CEK) to use. If specified its algorithm must be "AES" and its length must match the expected for the JWE encryption method ("enc"). Ifnulla CEK will be generated for each JWE.- Throws:
JOSEException- If the elliptic curve is not supported.
-
-
Method Detail
-
getPublicKey
public ECPublicKey getPublicKey()
Returns the public EC key.- Returns:
- The public EC key.
-
supportedEllipticCurves
public Set<Curve> supportedEllipticCurves()
Description copied from class:ECDHCryptoProviderReturns the names of the supported elliptic curves. These correspond to thecrvEC JWK parameter.- Specified by:
supportedEllipticCurvesin classECDHCryptoProvider- Returns:
- The supported elliptic curves.
-
encrypt
@Deprecated public JWECryptoParts encrypt(JWEHeader header, byte[] clearText) throws JOSEException
Deprecated.Encrypts the specified clear text of aJWE object.- Parameters:
header- The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not benull.clearText- The clear text to encrypt. Must not benull.- Returns:
- The resulting JWE crypto parts.
- Throws:
JOSEException- If the JWE algorithm or method is not supported or if encryption failed for some other internal reason.
-
encrypt
public JWECryptoParts encrypt(JWEHeader header, byte[] clearText, byte[] aad) throws JOSEException
Description copied from interface:JWEEncrypterEncrypts the specified clear text of aJWE object.- Specified by:
encryptin interfaceJWEEncrypter- Parameters:
header- The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not benull.clearText- The clear text to encrypt. Must not benull.aad- The additional authenticated data. Must not benull.- Returns:
- The resulting JWE crypto parts.
- Throws:
JOSEException- If the JWE algorithm or method is not supported or if encryption failed for some other internal reason.
-
-