public class JWKSetGenerator extends Object
| Constructor and Description |
|---|
JWKSetGenerator() |
| Modifier and Type | Method and Description |
|---|---|
com.nimbusds.jose.jwk.JWKSet |
generate(boolean withMessage)
Generates a new JWK set for a Connect2id server.
|
com.nimbusds.jose.jwk.JWKSet |
generateAndPrefixNewKeys(com.nimbusds.jose.jwk.JWKSet oldJWKSet,
boolean withMessage)
A generates a new set of signing and encryption keys and prefixes
them to the specified Connect2id server JWK set.
|
protected static com.nimbusds.jose.jwk.OctetSequenceKey |
generateEncryptionAESKey(String kid)
Generates a 256 bit AES encryption key with the specified key ID.
|
protected static com.nimbusds.jose.jwk.OctetSequenceKey |
generateHMACSHA256Key()
Generates a 256 bit HMAC SHA key with key ID "hmac".
|
List<com.nimbusds.jose.jwk.JWK> |
generatePermanentKeys(boolean withMessage)
Generates a new set of permanent keys for a Connect2id server.
|
List<com.nimbusds.jose.jwk.JWK> |
generateRotatingKeys(KeyIDs reservedKeyIDs,
boolean withMessage)
Generates a new set of rotating signature and encryption keys for a
Connect2id server.
|
protected static com.nimbusds.jose.jwk.ECKey |
generateSigningECKey(com.nimbusds.jose.jwk.ECKey.Curve crv,
String kid)
Generates an EC signing key with the specified curve and key ID.
|
protected static com.nimbusds.jose.jwk.RSAKey |
generateSigningRSAKey(String kid)
Generates a 2048 bit RSA signing key with the specified key ID.
|
protected static com.nimbusds.jose.jwk.OctetSequenceKey |
generateSubjectEncryptionKey()
Generates a 256 bit subject encryption key (intended for AES SIV
mode) with key ID "subject-encrypt".
|
static void |
main(String[] args)
Console method for generating a new Connect2id server JWK set, or
updating an existing JWK set with new signing and encryption keys.
|
protected static com.nimbusds.jose.jwk.RSAKey generateSigningRSAKey(String kid) throws NoSuchAlgorithmException
kid - The key ID, null if not specified.NoSuchAlgorithmExceptionprotected static com.nimbusds.jose.jwk.ECKey generateSigningECKey(com.nimbusds.jose.jwk.ECKey.Curve crv,
String kid)
throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException
crv - The curve. Must not be null.kid - The key ID, null if not specified.NoSuchAlgorithmExceptionInvalidAlgorithmParameterExceptionprotected static com.nimbusds.jose.jwk.OctetSequenceKey generateEncryptionAESKey(String kid) throws NoSuchAlgorithmException
kid - The key ID, null if not specified.NoSuchAlgorithmExceptionprotected static com.nimbusds.jose.jwk.OctetSequenceKey generateHMACSHA256Key()
throws NoSuchAlgorithmException
NoSuchAlgorithmExceptionprotected static com.nimbusds.jose.jwk.OctetSequenceKey generateSubjectEncryptionKey()
throws NoSuchAlgorithmException
NoSuchAlgorithmExceptionpublic List<com.nimbusds.jose.jwk.JWK> generateRotatingKeys(KeyIDs reservedKeyIDs, boolean withMessage) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException
reservedKeyIDs - The reserved key IDs, empty if none.withMessage - If true a message will be printed to
standard output.NoSuchAlgorithmExceptionInvalidAlgorithmParameterExceptionpublic List<com.nimbusds.jose.jwk.JWK> generatePermanentKeys(boolean withMessage) throws NoSuchAlgorithmException
withMessage - If true a message will be printed to
standard output.NoSuchAlgorithmExceptionpublic com.nimbusds.jose.jwk.JWKSet generate(boolean withMessage)
throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException
withMessage - If true a message will be printed to
standard output.NoSuchAlgorithmExceptionInvalidAlgorithmParameterExceptionpublic com.nimbusds.jose.jwk.JWKSet generateAndPrefixNewKeys(com.nimbusds.jose.jwk.JWKSet oldJWKSet,
boolean withMessage)
throws Exception
oldJWKSet - The Connect2id server JWK set. Must not be
null.withMessage - If true a message will be printed to std
output.Exceptionpublic static void main(String[] args)
args - The command line arguments.Copyright © 2016 Connect2id Ltd.. All rights reserved.