/*
* Copyright (C) 2021 Authlete, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.authlete.common.dto;
import java.io.Serializable;
/**
 * Hardware-secured key.
 *
 * <p>
 * This class holds information about a key managed in an HSM (Hardware
 * Security Module).
 * </p>
 *
 * @since 2.97
 */
public class Hsk implements Serializable {
    private static final long serialVersionUID = 1L;

    // Every field is a plain string describing the key: JWK-style metadata,
    // the HSM name, the Authlete-assigned handle and the public key. The
    // private key is not a field of this class. All fields start as null and
    // the setters store whatever they are given without validating it.
    private String kty;
    private String use;
    private String alg;
    private String kid;
    private String hsmName;
    private String handle;
    private String publicKey;

    /**
     * Returns the key type of the key held on the HSM.
     *
     * @return
     *         The key type, {@code "EC"} or {@code "RSA"}, or {@code null}
     *         if it has not been set.
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7517.html#section-4.1"
     *      >RFC 7517 JSON Web Key (JWK), 4.1. "kty" (Key Type) Parameter</a>
     */
    public String getKty() {
        return kty;
    }

    /**
     * Stores the key type of the key held on the HSM.
     *
     * <p>
     * The value is kept as given; this setter does not check that it is one
     * of the documented key types.
     * </p>
     *
     * @param kty
     *         The key type, {@code "EC"} or {@code "RSA"}.
     *
     * @return
     *         {@code this} object, so that calls can be chained.
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7517.html#section-4.1"
     *      >RFC 7517 JSON Web Key (JWK), 4.1. "kty" (Key Type) Parameter</a>
     */
    public Hsk setKty(String kty) {
        this.kty = kty;
        return this;
    }

    /**
     * Returns what the key held on the HSM is used for.
     *
     * <p>
     * With {@code "sig"} (signature), the private key on the HSM signs data
     * and the matching public key verifies the signature.
     * </p>
     *
     * <p>
     * With {@code "enc"} (encryption), the private key on the HSM decrypts
     * data that was encrypted with the matching public key.
     * </p>
     *
     * @return
     *         The key use, {@code "sig"} (signature) or {@code "enc"}
     *         (encryption), or {@code null} if it has not been set.
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7517.html#section-4.2"
     *      >RFC 7517 JSON Web Key (JWK), 4.2. "use" (Public Key Use) Parameter</a>
     */
    public String getUse() {
        return use;
    }

    /**
     * Stores what the key held on the HSM is used for.
     *
     * <p>
     * With {@code "sig"} (signature), the private key on the HSM signs data
     * and the matching public key verifies the signature.
     * </p>
     *
     * <p>
     * With {@code "enc"} (encryption), the private key on the HSM decrypts
     * data that was encrypted with the matching public key.
     * </p>
     *
     * <p>
     * The value is kept as given; this setter does not check that it is one
     * of the two documented uses.
     * </p>
     *
     * @param use
     *         The key use, {@code "sig"} (signature) or {@code "enc"}
     *         (encryption).
     *
     * @return
     *         {@code this} object, so that calls can be chained.
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7517.html#section-4.2"
     *      >RFC 7517 JSON Web Key (JWK), 4.2. "use" (Public Key Use) Parameter</a>
     */
    public Hsk setUse(String use) {
        this.use = use;
        return this;
    }

    /**
     * Returns the algorithm of the key held on the HSM.
     *
     * <p>
     * For a {@code "sig"} key this names a signing algorithm such as
     * {@code "ES256"}; for an {@code "enc"} key it names an encryption
     * algorithm such as {@code "RSA-OAEP-256"}.
     * </p>
     *
     * @return
     *         The algorithm, or {@code null} if it has not been set.
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7517.html#section-4.4"
     *      >RFC 7517 JSON Web Key (JWK), 4.4. "alg" (Algorithm) Parameter</a>
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7518.html#section-3.1"
     *      >RFC 7518 JSON Web Algorithms (JWA), 3.1. "alg" (Algorithm) Header
     *      Parameter Values for JWS</a>
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7518.html#section-4.1"
     *      >RFC 7518 JSON Web Algorithms (JWA), 4.1. "alg" (Algorithm) Header
     *      Parameter Values for JWE</a>
     */
    public String getAlg() {
        return alg;
    }

    /**
     * Stores the algorithm of the key held on the HSM.
     *
     * <p>
     * For a {@code "sig"} key this names a signing algorithm such as
     * {@code "ES256"}; for an {@code "enc"} key it names an encryption
     * algorithm such as {@code "RSA-OAEP-256"}.
     * </p>
     *
     * <p>
     * The value is kept as given; this setter does not check it against the
     * key type or the key use held by this object.
     * </p>
     *
     * @param alg
     *         The algorithm.
     *
     * @return
     *         {@code this} object, so that calls can be chained.
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7517.html#section-4.4"
     *      >RFC 7517 JSON Web Key (JWK), 4.4. "alg" (Algorithm) Parameter</a>
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7518.html#section-3.1"
     *      >RFC 7518 JSON Web Algorithms (JWA), 3.1. "alg" (Algorithm) Header
     *      Parameter Values for JWS</a>
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7518.html#section-4.1"
     *      >RFC 7518 JSON Web Algorithms (JWA), 4.1. "alg" (Algorithm) Header
     *      Parameter Values for JWE</a>
     */
    public Hsk setAlg(String alg) {
        this.alg = alg;
        return this;
    }

    /**
     * Returns the key ID of the key held on the HSM.
     *
     * @return
     *         The key ID, or {@code null} if it has not been set.
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7517.html#section-4.5"
     *      >RFC 7517 JSON Web Key (JWK), 4.5. "kid" (Key ID) Parameter</a>
     */
    public String getKid() {
        return kid;
    }

    /**
     * Stores the key ID of the key held on the HSM.
     *
     * @param kid
     *         The key ID.
     *
     * @return
     *         {@code this} object, so that calls can be chained.
     *
     * @see <a href="https://www.rfc-editor.org/rfc/rfc7517.html#section-4.5"
     *      >RFC 7517 JSON Web Key (JWK), 4.5. "kid" (Key ID) Parameter</a>
     */
    public Hsk setKid(String kid) {
        this.kid = kid;
        return this;
    }

    /**
     * Returns the name of the HSM.
     *
     * <p>
     * This is the identifier of the HSM that sits behind the Authlete
     * server, for example {@code "google"}.
     * </p>
     *
     * @return
     *         The name of the HSM, or {@code null} if it has not been set.
     */
    public String getHsmName() {
        return hsmName;
    }

    /**
     * Stores the name of the HSM.
     *
     * <p>
     * This is the identifier of the HSM that sits behind the Authlete
     * server, for example {@code "google"}.
     * </p>
     *
     * @param hsmName
     *         The name of the HSM.
     *
     * @return
     *         {@code this} object, so that calls can be chained.
     */
    public Hsk setHsmName(String hsmName) {
        this.hsmName = hsmName;
        return this;
    }

    /**
     * Returns the handle of the key held on the HSM.
     *
     * <p>
     * A handle is a base64url-encoded 256-bit random value (43 letters)
     * that Authlete assigns when the {@code /api/hsk/create} API is called.
     * </p>
     *
     * <p>
     * The handle is needed to call the {@code /api/hsk/get/{handle}} API and
     * the {@code /api/hsk/delete/{handle}} API.
     * </p>
     *
     * <p>
     * NOTE(review): because the delete API is addressed by this value, it
     * is reasonable to keep handles out of widely readable logs. Whether
     * those calls need further credentials is not shown in this class.
     * </p>
     *
     * @return
     *         The handle, or {@code null} if it has not been set.
     */
    public String getHandle() {
        return handle;
    }

    /**
     * Stores the handle of the key held on the HSM.
     *
     * <p>
     * A handle is a base64url-encoded 256-bit random value (43 letters)
     * that Authlete assigns when the {@code /api/hsk/create} API is called.
     * </p>
     *
     * <p>
     * The handle is needed to call the {@code /api/hsk/get/{handle}} API and
     * the {@code /api/hsk/delete/{handle}} API.
     * </p>
     *
     * <p>
     * The value is kept as given; this setter does not check its length or
     * its encoding.
     * </p>
     *
     * @param handle
     *         The handle.
     *
     * @return
     *         {@code this} object, so that calls can be chained.
     */
    public Hsk setHandle(String handle) {
        this.handle = handle;
        return this;
    }

    /**
     * Returns the public key that corresponds to the key held on the HSM.
     *
     * @return
     *         The public key in base64-encoded DER format, or {@code null}
     *         if it has not been set.
     */
    public String getPublicKey() {
        return publicKey;
    }

    /**
     * Stores the public key that corresponds to the key held on the HSM.
     *
     * <p>
     * The value is kept as given; this setter does not decode or parse it.
     * </p>
     *
     * @param publicKey
     *         The public key in base64-encoded DER format.
     *
     * @return
     *         {@code this} object, so that calls can be chained.
     */
    public Hsk setPublicKey(String publicKey) {
        this.publicKey = publicKey;
        return this;
    }
}