Module org.shredzone.acme4j

Package org.shredzone.acme4j.toolbox

Class JoseUtils

java.lang.Object

org.shredzone.acme4j.toolbox.JoseUtils

public final class JoseUtils
extends Object

Utility class that takes care of all the JOSE stuff.

Internal class, do not use in your project! The API may change anytime, in a breaking manner, and without prior notice.

Since:

2.7

Method Summary

Modifier and Type	Method	Description
static Map<String,Object>	createExternalAccountBinding(String kid, PublicKey accountKey, SecretKey macKey, String macAlgorithm, URL resource)	Creates a JSON structure for external account binding.
static JSONBuilder	createJoseRequest(URL url, KeyPair keypair, JSONBuilder payload, String nonce, String kid)	Creates an ACME JOSE request.
static PublicKey	jwkToPublicKey(Map<String,Object> jwk)	Converts a JOSE JWK structure to a PublicKey.
static String	keyAlgorithm(org.jose4j.jwk.JsonWebKey jwk)	Analyzes the key used in the JsonWebKey, and returns the key algorithm identifier for JsonWebSignature.
static String	macKeyAlgorithm(SecretKey macKey)	Analyzes the SecretKey, and returns the key algorithm identifier for JsonWebSignature.
static Map<String,Object>	publicKeyToJWK(PublicKey key)	Converts a PublicKey to a JOSE JWK structure.
static byte[]	thumbprint(PublicKey key)	Computes a thumbprint of the given public key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

createJoseRequest

public static JSONBuilder createJoseRequest(URL url,
                                            KeyPair keypair,
                                            @Nullable
                                            JSONBuilder payload,
                                            @Nullable
                                            String nonce,
                                            @Nullable
                                            String kid)

Creates an ACME JOSE request.

Parameters:

url - URL of the ACME call

keypair - KeyPair to sign the request with

payload - ACME JSON payload. If null, a POST-as-GET request is generated instead.

nonce - Nonce to be used. null if no nonce is to be used in the JOSE header.

kid - kid to be used in the JOSE header. If null, a jwk header of the given key is used instead.

Returns:

JSON structure of the JOSE request, ready to be sent.

createExternalAccountBinding

public static Map<String,Object> createExternalAccountBinding(String kid,
                                                                    PublicKey accountKey,
                                                                    SecretKey macKey,
                                                                    String macAlgorithm,
                                                                    URL resource)

Creates a JSON structure for external account binding.

Parameters:

kid - Key Identifier provided by the CA

accountKey - PublicKey of the account to register

macKey - SecretKey to sign the key identifier with

macAlgorithm - Algorithm of the MAC key

resource - "newAccount" resource URL

Returns:

Created JSON structure

publicKeyToJWK

public static Map<String,Object> publicKeyToJWK(PublicKey key)

Converts a PublicKey to a JOSE JWK structure.

Parameters:

key - PublicKey to convert

Returns:

JSON map containing the JWK structure

jwkToPublicKey

public static PublicKey jwkToPublicKey(Map<String,Object> jwk)

Converts a JOSE JWK structure to a PublicKey.

Parameters:

jwk - Map containing a JWK structure

Returns:

the extracted PublicKey

thumbprint

public static byte[] thumbprint(PublicKey key)

Computes a thumbprint of the given public key.

Parameters:

key - PublicKey to get the thumbprint of

Returns:

Thumbprint of the key

keyAlgorithm

public static String keyAlgorithm(org.jose4j.jwk.JsonWebKey jwk)

Analyzes the key used in the JsonWebKey, and returns the key algorithm identifier for JsonWebSignature.

Parameters:

jwk - JsonWebKey to analyze

Returns:

algorithm identifier

Throws:

IllegalArgumentException - there is no corresponding algorithm identifier for the key

macKeyAlgorithm

public static String macKeyAlgorithm(SecretKey macKey)

Analyzes the SecretKey, and returns the key algorithm identifier for JsonWebSignature.

Parameters:

macKey - SecretKey to analyze

Returns:

algorithm identifier

Throws:

IllegalArgumentException - there is no corresponding algorithm identifier for the key