Package com.nimbusds.jose.crypto.impl
Class AESKW
- java.lang.Object
-
- com.nimbusds.jose.crypto.impl.AESKW
-
@ThreadSafe public class AESKW extends java.lang.ObjectAES key Wrapping methods for Content Encryption Key (CEK) encryption and decryption. This class is thread-safe.See RFC 7518 (JWA), section 4.4.
- Version:
- 2018-03-09
- Author:
- Melisa Halsband, Vladimir Dzhuvinov
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static javax.crypto.SecretKeyunwrapCEK(javax.crypto.SecretKey kek, byte[] encryptedCEK, java.security.Provider provider)Unwraps the specified encrypted Content Encryption Key (CEK).static byte[]wrapCEK(javax.crypto.SecretKey cek, javax.crypto.SecretKey kek, java.security.Provider provider)Wraps the specified Content Encryption Key (CEK).
-
-
-
Method Detail
-
wrapCEK
public static byte[] wrapCEK(javax.crypto.SecretKey cek, javax.crypto.SecretKey kek, java.security.Provider provider) throws JOSEExceptionWraps the specified Content Encryption Key (CEK).- Parameters:
cek- The Content Encryption Key (CEK) to wrap. Must not benull.kek- The AES Key Encryption Key (KEK) (wrapping key). Must not benull.provider- The specific JCA provider to use,nullimplies the default system one.- Returns:
- The wrapped Content Encryption Key (CEK).
- Throws:
JOSEException- If wrapping failed.
-
unwrapCEK
public static javax.crypto.SecretKey unwrapCEK(javax.crypto.SecretKey kek, byte[] encryptedCEK, java.security.Provider provider) throws JOSEExceptionUnwraps the specified encrypted Content Encryption Key (CEK).- Parameters:
kek- The AES Key Encryption Key (KEK) (wrapping key). Must not benull.encryptedCEK- The wrapped Content Encryption Key (CEK) with authentication tag. Must not benull.provider- The specific JCA provider to use,nullimplies the default system one.- Returns:
- The unwrapped Content Encryption Key (CEK).
- Throws:
JOSEException- If unwrapping failed.
-
-