Uses of Class
org.forgerock.secrets.keys.CryptoKey
Packages that use CryptoKey
Package
Description
Classes and interfaces for JWT encryption and JWEs.
Classes and interfaces for creating and manipulating JWKs.
Classes and interfaces for JWT signing and JWS'.
JWT implementation(s) of
TokenHandler.Utility classes for JWT creation and manipulation.
Provides the Common Secrets API for accessing secrets of various kinds.
Provides a unified API for accessing secrets of various kinds.
Secret store backend for retrieving keys from a local or remote JWK Set.
Contains cryptographic key related API objects.
-
Uses of CryptoKey in org.forgerock.json.jose.jwe
Methods in org.forgerock.json.jose.jwe that return types with arguments of type CryptoKeyModifier and TypeMethodDescriptionJweAlgorithm.getDecryptionPurpose(String label) Returns aPurposethat can be used to retrieve keys that are suitable for decryption with this JWE algorithm.JweAlgorithmType.getDecryptionPurpose(String label) Returns aPurposethat can be used to retrieve keys that are suitable for decryption with this type of JWE algorithm.JweAlgorithm.getEncryptionPurpose(String label) Returns aPurposethat can be used to retrieve keys that are suitable for encryption with this JWE algorithm.JweAlgorithmType.getEncryptionPurpose(String label) Returns aPurposethat can be used to retrieve keys that are suitable for encryption with this type of JWE algorithm.Method parameters in org.forgerock.json.jose.jwe with type arguments of type CryptoKeyModifier and TypeMethodDescriptionPromise<? extends EncryptedJwt,JweDecryptionCheckedException> EncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose) Attempts to decrypt the JWT using any available keys for the givenPurposefrom the givenSecretsProvider.Promise<? extends EncryptedJwt,JweDecryptionCheckedException> EncryptedJwt.decrypt(ValidSecretsReference<? extends CryptoKey, NeverThrowsException> secretsReference) Attempts to decrypt the JWT using any available keys from the givenValidSecretsReference.SignedThenEncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose) SignedThenEncryptedJwt.decrypt(ValidSecretsReference<? extends CryptoKey, NeverThrowsException> validSecretsReference) SignedThenEncryptedJwt.decryptAndVerify(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose, Purpose<VerificationKey> verificationPurpose) Decrypts the outer JWT and then verifies the signature on the inner JWT using secrets from the suppliedSecretsProvider.SignedThenEncryptedJwt.decryptAndVerify(ValidSecretsReference<? extends CryptoKey, NeverThrowsException> decryptionSecretsReference, ValidSecretsReference<VerificationKey, NeverThrowsException> verificationSecretsReference) Decrypts the outer JWT and then verifies the signature on the inner JWT using supplied valid secrets.Promise<byte[],JweDecryptionCheckedException> EncryptedJwt.decryptRawPayload(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose) Attempts to decrypt the raw payload of the JWT using any keys from the givenSecretsProviderthat satisfy the suppliedPurpose.Promise<byte[],JweDecryptionCheckedException> EncryptedJwt.decryptRawPayload(ValidSecretsReference<? extends CryptoKey, NeverThrowsException> secretsReference) Attempts to decrypt the raw payload of the JWT using any keys from the given theSecrets contained in the givenValidSecretsReference. -
Uses of CryptoKey in org.forgerock.json.jose.jwk
Methods in org.forgerock.json.jose.jwk with type parameters of type CryptoKeyModifier and TypeMethodDescription<T extends CryptoKey>
TJWK.toCryptoKey(Purpose<T> purpose, Instant expiry) Converts this JWK into aCryptoKeysubclass object for use with the Secrets API. -
Uses of CryptoKey in org.forgerock.json.jose.jws
Method parameters in org.forgerock.json.jose.jws with type arguments of type CryptoKeyModifier and TypeMethodDescriptionPromise<? extends EncryptedJwt,JweDecryptionCheckedException> EncryptedThenSignedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose) Decrypts the inner encrypted JWE so that the payload can be accessed.Promise<? extends EncryptedJwt,JweDecryptionCheckedException> EncryptedThenSignedJwt.decrypt(ValidSecretsReference<? extends CryptoKey, NeverThrowsException> secretsReference) Decrypts the inner encrypted JWE so that the payload can be accessed. -
Uses of CryptoKey in org.forgerock.json.jose.tokenhandler
Method parameters in org.forgerock.json.jose.tokenhandler with type arguments of type CryptoKeyModifier and TypeMethodDescriptionSecretsJwtTokenHandler.Builder.decryptionPurpose(Purpose<? extends CryptoKey> decryptionKeyPurpose) Specifies thePurposeused to retrieve decryption keys from the secrets provider.SecretsJwtTokenHandler.Builder.encryptionPurpose(Purpose<? extends CryptoKey> encryptionKeyPurpose) Specifies thePurposeused to retrieve encryption keys from the secrets provider. -
Uses of CryptoKey in org.forgerock.json.jose.utils
Methods in org.forgerock.json.jose.utils that return types with arguments of type CryptoKeyModifier and TypeMethodDescriptionstatic SecretConstraint<CryptoKey>JoseSecretConstraints.allowedAlgorithm(Algorithm algorithm) Enforces that the key is allowed to be used with the given JWA algorithm.Methods in org.forgerock.json.jose.utils with parameters of type CryptoKeyModifier and TypeMethodDescriptionstatic voidUtils.checkRsaKeySize(CryptoKey key) Verifies that the RSA key being used meets minimum key size requirement of 2048 bits as specified in the JOSE specifications. -
Uses of CryptoKey in org.forgerock.openig.secrets
Methods in org.forgerock.openig.secrets with type parameters of type CryptoKeyModifier and TypeMethodDescriptionSecretsService.asKeyStore(Purpose<T> purpose) Returns a view of this secrets provider as a keystore for the given purpose.Methods in org.forgerock.openig.secrets that return types with arguments of type CryptoKeyModifier and TypeMethodDescriptionstatic SecretConstraint<CryptoKey>SecretsUtils.allowedKeyType(KeyType expected) Enforce that aCryptoKeysatisfies the given key type constraint.Method parameters in org.forgerock.openig.secrets with type arguments of type CryptoKeyModifier and TypeMethodDescriptionSecretsService.getKeyManager(Purpose<? extends CryptoKey> purpose) Returns aKeyManagerthat can be used toinitialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.SecretsService.getKeyManager(Purpose<? extends CryptoKey> purpose, Options options) Returns aKeyManagerthat can be used toinitialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.SecretsService.getTrustManager(Purpose<? extends CryptoKey> purpose) Constructs anX509ExtendedTrustManagerthat will retrieve certificates from this secrets provider for the provided purpose.SecretsService.getTrustManager(Purpose<? extends CryptoKey> purpose, Options options) Constructs anX509ExtendedTrustManagerthat will retrieve certificates from this secrets provider for the provided purpose. -
Uses of CryptoKey in org.forgerock.secrets
Methods in org.forgerock.secrets with type parameters of type CryptoKeyModifier and TypeMethodDescriptionSecretsProvider.asKeyStore(Purpose<T> purpose) Returns a view of this secrets provider as a keystore for the given purpose.Methods in org.forgerock.secrets that return types with arguments of type CryptoKeyModifier and TypeMethodDescriptionstatic SecretConstraint<CryptoKey>SecretConstraint.allowedAlgorithm(String algorithm) Enforces that the key is allowed to be used with the given algorithm.static SecretConstraint<CryptoKey>SecretConstraint.allowedKeyUsages(Set<KeyUsage> keyUsages) Enforces that the key satisfies at least one of the given key usage constraints.static SecretConstraint<CryptoKey>SecretConstraint.allowedKeyUsages(KeyUsage first, KeyUsage... rest) Enforces that the key satisfies at least one of the given key usage constraints.static SecretConstraint<CryptoKey>SecretConstraint.ellipticCurveKeyParameters(ECParameterSpec requiredParameters) Enforces that the key is an elliptic curve key with the given parameters.static SecretConstraint<CryptoKey>SecretConstraint.keyAlgorithm(String keyAlgorithm) Enforces a particular key algorithm (case insensitive).static SecretConstraint<CryptoKey>SecretConstraint.requiredKeyUsages(Set<KeyUsage> keyUsages) Enforces that the key satisfies all of the given key usage constraints.static SecretConstraint<CryptoKey>SecretConstraint.requiredKeyUsages(KeyUsage first, KeyUsage... rest) Enforces that the key satisfies all of the given key usage constraints.Method parameters in org.forgerock.secrets with type arguments of type CryptoKeyModifier and TypeMethodDescriptionSecretsProvider.asKeyStore(Set<Purpose<? extends CryptoKey>> purposes) Returns a view of this secrets provider as a keystore for the given purposes.SecretsProvider.getKeyManager(Set<Purpose<? extends CryptoKey>> purposes, Options options) Returns aKeyManagerthat can be used toinitialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.SecretsProvider.getKeyManager(Purpose<? extends CryptoKey> purpose) Returns aKeyManagerthat can be used toinitialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.SecretsProvider.getKeyManager(Purpose<? extends CryptoKey> purpose, Options options) Returns aKeyManagerthat can be used toinitialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.SecretsProvider.getTrustManager(Set<Purpose<? extends CryptoKey>> purposes, Options options) Constructs anX509ExtendedTrustManagerthat will retrieve certificates from this secrets provider for the provided purposes.SecretsProvider.getTrustManager(Purpose<? extends CryptoKey> purpose) Constructs anX509ExtendedTrustManagerthat will retrieve certificates from this secrets provider for the provided purpose.SecretsProvider.getTrustManager(Purpose<? extends CryptoKey> purpose, Options options) Constructs anX509ExtendedTrustManagerthat will retrieve certificates from this secrets provider for the provided purpose.Constructor parameters in org.forgerock.secrets with type arguments of type CryptoKeyModifierConstructorDescriptionSecretsLoadStoreParameter(SecretsProvider secretsProvider, Set<Purpose<? extends CryptoKey>> purposes, Clock clock) Initialises the keystore with the given secrets API objects.SecretsLoadStoreParameter(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose, Clock clock) Initialises the keystore with the given secrets API objects. -
Uses of CryptoKey in org.forgerock.secrets.jwkset
Methods in org.forgerock.secrets.jwkset with type parameters of type CryptoKeyModifier and TypeMethodDescription<S extends CryptoKey>
Promise<S,NoSuchSecretException> <S extends CryptoKey>
Promise<Stream<S>,NeverThrowsException> Methods in org.forgerock.secrets.jwkset that return types with arguments of type CryptoKeyMethods in org.forgerock.secrets.jwkset with parameters of type CryptoKey -
Uses of CryptoKey in org.forgerock.secrets.keys
Classes in org.forgerock.secrets.keys with type parameters of type CryptoKeyModifier and TypeInterfaceDescriptioninterfaceDecryptionKey<T extends CryptoKey>Marker interface for all key types that can be used for decryption.interfaceEncryptionKey<T extends CryptoKey>Marker interface for all key types that can be used for encryption.Subclasses of CryptoKey in org.forgerock.secrets.keysModifier and TypeClassDescriptionclassA key used for verifying certificate signatures.classA key that is used for decrypting confidential data.classA key that is used for encrypting confidential data.classA key that is used in a key-agreement protocol (such as Diffie-Hellman) to agree another key.classA key that is used to decrypt (or "unwrap") other keys that have been encrypted with aKeyEncryptionKey.classA key that is used to encrypt ("wrap") other keys.classA key that is used for signing digital signatures.classA key used for verifying digital signatures.Methods in org.forgerock.secrets.keys that return types with arguments of type CryptoKeyModifier and TypeMethodDescriptionKeyUsage.getKeyType()The key type corresponding to this key usage.Methods in org.forgerock.secrets.keys with parameters of type CryptoKeyModifier and TypeMethodDescriptionExports the given crypto key and raw key material.Method parameters in org.forgerock.secrets.keys with type arguments of type CryptoKeyModifier and TypeMethodDescriptionKeyUsage.forKeyType(Class<? extends CryptoKey> keyType) Returns the set of all key usages that are applicable to the given key type.