com.nimbusds.jose.jwk.KeyUseAndOpsConsistency Maven / Gradle / Ivy
Show all versions of com.liferay.portal.security.sso.openid.connect.persistence.service
/*
* nimbus-jose-jwt
*
* Copyright 2012-2016, Connect2id Ltd and contributors.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use
* this file except in compliance with the License. You may obtain a copy of the
* License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
*/
package com.nimbusds.jose.jwk;
import java.util.*;
/**
* JWK {@code use} and {@code key_ops} consistency rules.
*
* See https://tools.ietf.org/html/rfc7517#section-4.3
*
* @author Vladimir Dzhuvinov
* @version 2021-07-13
*/
class KeyUseAndOpsConsistency {
/**
* Defines the consistent key use / key operations mappings.
*/
static final Map> MAP;
static {
Map> map = new HashMap<>();
map.put(
KeyUse.SIGNATURE,
new HashSet<>(Arrays.asList(
KeyOperation.SIGN,
KeyOperation.VERIFY)));
map.put(
KeyUse.ENCRYPTION,
new HashSet<>(Arrays.asList(
KeyOperation.ENCRYPT,
KeyOperation.DECRYPT,
KeyOperation.WRAP_KEY,
KeyOperation.UNWRAP_KEY
)));
MAP = Collections.unmodifiableMap(map);
}
/**
* Checks if the specified key use and key operations are consistent.
* Note, a key use with a non-standard value other than
* {@link KeyUse#SIGNATURE "sig"} and {@link KeyUse#ENCRYPTION "enc"}
* is always assumed to be consistent with a specified key operations
* set.
*
* @param use The key use. May be {@code null}.
* @param ops The key operations. May be {@code null}.
*
* @return {@code true} if consistent, else {@code false}.
*/
static boolean areConsistent(final KeyUse use, final Set ops) {
if (use == null || ops == null) {
return true;
}
return !MAP.containsKey(use) || MAP.get(use).containsAll(ops);
}
}