Package com.authlete.common.dto

Class Hsk

java.lang.Object

com.authlete.common.dto.Hsk

All Implemented Interfaces:

Serializable

public class Hsk
extends Object
implements Serializable

Hardware-secured key.

This class holds information about a key managed in an HSM (Hardware Security Module).

Since:

2.97

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor	Description
Hsk()

Method Summary

Modifier and Type	Method	Description
String	getAlg()	Get the algorithm of the key on the HSM.
String	getHandle()	Get the handle for the key on the HSM.
String	getHsmName()	Get the name of the HSM.
String	getKid()	Get the key ID for the key on the HSM.
String	getKty()	Get the key type of the key on the HSM.
String	getPublicKey()	Get the public key that corresponds to the key on the HSM.
String	getUse()	Get the use of the key on the HSM.
Hsk	setAlg(String alg)	Set the algorithm of the key on the HSM.
Hsk	setHandle(String handle)	Set the handle for the key on the HSM.
Hsk	setHsmName(String hsmName)	Set the name of the HSM.
Hsk	setKid(String kid)	Set the key ID for the key on the HSM.
Hsk	setKty(String kty)	Set the key type of the key on the HSM.
Hsk	setPublicKey(String publicKey)	Set the public key that corresponds to the key on the HSM.
Hsk	setUse(String use)	Set the use of the key on the HSM.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Hsk

public Hsk()

Method Detail

getKty

public String getKty()

Get the key type of the key on the HSM.

Returns:

The key type. "EC" or "RSA".

See Also:

RFC 7517 JSON Web Key (JWK), 4.1. "kty" (Key Type) Parameter

setKty

public Hsk setKty(String kty)

Set the key type of the key on the HSM.

Parameters:

kty - The key type. "EC" or "RSA".

Returns:

this object.

See Also:

RFC 7517 JSON Web Key (JWK), 4.1. "kty" (Key Type) Parameter

getUse

public String getUse()

Get the use of the key on the HSM.

When the key use is "sig" (signature), the private key on the HSM is used to sign data and the corresponding public key is used to verify the signature.

When the key use is "enc" (encryption), the private key on the HSM is used to decrypt encrypted data which have been encrypted with the corresponding public key.

Returns:

The key use. "sig" (signature) or "enc" (encryption).

See Also:

RFC 7517 JSON Web Key (JWK), 4.2. "use" (Public Key Use) Parameter

setUse

public Hsk setUse(String use)

Set the use of the key on the HSM.

When the key use is "sig" (signature), the private key on the HSM is used to sign data and the corresponding public key is used to verify the signature.

When the key use is "enc" (encryption), the private key on the HSM is used to decrypt encrypted data which have been encrypted with the corresponding public key.

Parameters:

use - The key use. "sig" (signature) or "enc" (encryption).

Returns:

this object.

See Also:

RFC 7517 JSON Web Key (JWK), 4.2. "use" (Public Key Use) Parameter

getAlg

public String getAlg()

Get the algorithm of the key on the HSM.

When the key use is "sig", the algorithm represents a signing algorithm such as "ES256".

When the key use is "enc", the algorithm represents an encryption algorithm such as "RSA-OAEP-256".

Returns:

The algorithm.

See Also:

RFC 7517 JSON Web Key (JWK), 4.4. "alg" (Algorithm) Parameter, RFC 7518 JSON Web Algorithms (JWA), 3.1. "alg" (Algorithm) Header Parameter Values for JWS, RFC 7518 JSON Web Algorithms (JWA), 4.1. "alg" (Algorithm) Header Parameter Values for JWE

setAlg

public Hsk setAlg(String alg)

Set the algorithm of the key on the HSM.

When the key use is "sig", the algorithm represents a signing algorithm such as "ES256".

When the key use is "enc", the algorithm represents an encryption algorithm such as "RSA-OAEP-256".

Parameters:

alg - The algorithm.

Returns:

this object.

See Also:

RFC 7517 JSON Web Key (JWK), 4.4. "alg" (Algorithm) Parameter, RFC 7518 JSON Web Algorithms (JWA), 3.1. "alg" (Algorithm) Header Parameter Values for JWS, RFC 7518 JSON Web Algorithms (JWA), 4.1. "alg" (Algorithm) Header Parameter Values for JWE

getKid

public String getKid()

Get the key ID for the key on the HSM.

Returns:

The key ID.

See Also:

RFC 7517 JSON Web Key (JWK), 4.5. "kid" (Key ID) Parameter

setKid

public Hsk setKid(String kid)

Set the key ID for the key on the HSM.

Parameters:

kid - The key ID.

Returns:

this object.

See Also:

RFC 7517 JSON Web Key (JWK), 4.5. "kid" (Key ID) Parameter

getHsmName

public String getHsmName()

Get the name of the HSM.

The identifier for the HSM that sits behind the Authlete server. For example, "google".

Returns:

The name of the HSM.

setHsmName

public Hsk setHsmName(String hsmName)

Set the name of the HSM.

The identifier for the HSM that sits behind the Authlete server. For example, "google".

Parameters:

hsmName - The name of the HSM.

Returns:

this object.

getHandle

public String getHandle()

Get the handle for the key on the HSM.

A handle is a base64url-encoded 256-bit random value (43 letters) which is assigned by Authlete on the call of the /api/hsk/create API.

A handle is needed to call the /api/hsk/get/{handle} API and the /api/hsk/delete/{handle} API.

Returns:

The handle.

setHandle

public Hsk setHandle(String handle)

Set the handle for the key on the HSM.

A handle is a base64url-encoded 256-bit random value (43 letters) which is assigned by Authlete on the call of the /api/hsk/create API.

A handle is needed to call the /api/hsk/get/{handle} API and the /api/hsk/delete/{handle} API.

Parameters:

handle - The handle.

Returns:

this object.

getPublicKey

public String getPublicKey()

Get the public key that corresponds to the key on the HSM.

Returns:

The public key in base64-encoded DER format.

setPublicKey

public Hsk setPublicKey(String publicKey)

Set the public key that corresponds to the key on the HSM.

Parameters:

publicKey - The public key in base64-encoded DER format.

Returns:

this object.