indispensable-josef/at.asitplus.signum.indispensable.josef

Package-level declarations

Types

Link copied to clipboard
@Serializable
data class ConfirmationClaim(val jsonWebKey: JsonWebKey? = null, val encryptedSymmetricKey: JweEncrypted? = null, val keyId: String? = null, val jsonWebKeySetUrl: String? = null, val jsonWebKeyThumbprint: String? = null)

Structure to declare posession of a particular proof-of-possesion key, to be included in JsonWebToken.confirmationClaim

Link copied to clipboard
@Serializable(with = JwaSerializer::class)
interface JsonWebAlgorithm
Link copied to clipboard
@Serializable
data class JsonWebKey(val algorithm: JsonWebAlgorithm? = null, val curve: ECCurve? = null, val e: ByteArray? = null, val k: ByteArray? = null, val keyOperations: Set<String>? = null, val keyId: String? = null, val type: JwkType? = null, val n: ByteArray? = null, val publicKeyUse: String? = null, val x: ByteArray? = null, val certificateChain: CertificateChain? = null, val certificateSha1Thumbprint: ByteArray? = null, val certificateUrl: String? = null, val certificateSha256Thumbprint: ByteArray? = null, val y: ByteArray? = null) : SpecializedCryptoPublicKey, SpecializedSymmetricKey

JSON Web Key as per RFC 7517.

Link copied to clipboard
@Serializable
data class JsonWebKeySet(val keys: Collection<JsonWebKey>)

JSON Web Key Set as per RFC 7517

Link copied to clipboard
@Serializable
data class JsonWebToken(val issuer: String? = null, val subject: String? = null, val audience: String? = null, val nonce: String? = null, val notBefore: Instant? = null, val issuedAt: Instant? = null, val expiration: Instant? = null, val jwtId: String? = null, val confirmationClaim: ConfirmationClaim? = null, val httpMethod: String? = null, val httpTargetUrl: String? = null, val accessTokenHash: String? = null, val walletName: String? = null, val walletLink: String? = null, val status: JsonObject? = null)

Content of a JWT (JsonWebToken), with many optional keys, since no claim is strongly required.

Link copied to clipboard
object JwaSerializer : KSerializer<JsonWebAlgorithm>
Link copied to clipboard
@Serializable(with = JweAlgorithmSerializer::class)
sealed class JweAlgorithm : JsonWebAlgorithm
Link copied to clipboard
object JweAlgorithmSerializer : KSerializer<JweAlgorithm>
Link copied to clipboard
data class JweDecrypted<T : Any>(val header: JweHeader, val payload: T)

Representation of a decrypted JSON Web Encryption object, i.e. header and payload.

Link copied to clipboard
data class JweEncrypted(val header: JweHeader, val headerAsParsed: ByteArray, val encryptedKey: ByteArray? = null, val iv: ByteArray, val ciphertext: ByteArray, val authTag: ByteArray)

Representation of an encrypted JSON Web Encryption object, consisting of its 5 parts: Header, encrypted key, IV, ciphertext, authentication tag.

Link copied to clipboard
object JweEncryptedSerializer : KSerializer<JweEncrypted>
Link copied to clipboard
@Serializable(with = JweEncryptionSerializer::class)
enum JweEncryption : Enum<JweEncryption>

Supported JWE algorithms.

Link copied to clipboard
object JweEncryptionSerializer : KSerializer<JweEncryption?>
Link copied to clipboard
@Serializable
data class JweHeader(val algorithm: JweAlgorithm?, val encryption: JweEncryption?, val keyId: String? = null, val type: String? = null, val contentType: String? = null, val jsonWebKey: JsonWebKey? = null, val jsonWebKeyUrl: String? = null, val ephemeralKeyPair: JsonWebKey? = null, val agreementPartyUInfo: ByteArray? = null, val agreementPartyVInfo: ByteArray? = null, val initializationVector: ByteArray? = null, val authenticationTag: ByteArray? = null, val certificateUrl: String? = null, val certificateChain: CertificateChain? = null, val certificateSha1Thumbprint: ByteArray? = null, val certificateSha256Thumbprint: ByteArray? = null)

Header of a JweEncrypted or JweDecrypted.

Link copied to clipboard
@Serializable(with = JwkTypeSerializer::class)
enum JwkType : Enum<JwkType>

Supported JSON Web Key types.

Link copied to clipboard
object JwkTypeSerializer : KSerializer<JwkType?>
Link copied to clipboard
@Serializable(with = JwsAlgorithmSerializer::class)
sealed class JwsAlgorithm : JsonWebAlgorithm, SpecializedDataIntegrityAlgorithm

Since we support only JWS algorithms (with one exception), this class is called what it's called.

Link copied to clipboard
object JwsAlgorithmSerializer : KSerializer<JwsAlgorithm>
Link copied to clipboard
object JwsExtensions
Link copied to clipboard
@Serializable
data class JwsHeader(val keyId: String? = null, val type: String? = null, val algorithm: JwsAlgorithm, val contentType: String? = null, val certificateChain: CertificateChain? = null, val notBefore: Instant? = null, val issuedAt: Instant? = null, val expiration: Instant? = null, val jsonWebKey: JsonWebKey? = null, val jsonWebKeySetUrl: String? = null, val certificateUrl: String? = null, val certificateSha1Thumbprint: ByteArray? = null, val certificateSha256Thumbprint: ByteArray? = null, val attestationJwt: String? = null, val keyAttestation: String? = null, val vcTypeMetadata: Set<String>? = null)

Header of a JwsSigned.

Link copied to clipboard
data class JwsSigned<out P : Any>(val header: JwsHeader, val payload: P, val signature: CryptoSignature.RawByteEncodable, val plainSignatureInput: ByteArray)

Representation of a signed JSON Web Signature object, i.e. consisting of header, payload and signature.

Link copied to clipboard
@Serializable
data class KeyAttestationJwt(val issuer: String? = null, val subject: String? = null, val audience: String? = null, val nonce: String? = null, val notBefore: Instant? = null, val issuedAt: Instant, val expiration: Instant? = null, val attestedKeys: Collection<JsonWebKey>, val keyStorage: Collection<String>? = null, val userAuthentication: Collection<String>? = null, val certification: String? = null, val status: JsonObject? = null)

Content of a Key Attestation in JWT format, according to OpenID for Verifiable Credential Issuance

Properties

Link copied to clipboard
val JweAlgorithm.jcaName: String?
Link copied to clipboard
val SymmetricKey<*, *, *>.jsonWebKeyBytes: <Error class: unknown class>

converts a symmetric key to its JWE serializable form (i.e. a single bytearray)

Link copied to clipboard
var CryptoPublicKey.jwkId: String?
var SymmetricKey<*, *, *>.jwkId: String?

Holds JsonWebKey.keyId when transforming a JsonWebKey to a CryptoPublicKey

Functions

Link copied to clipboard
fun CryptoPublicKey.toJsonWebKey(keyId: String? = this.jwkId): JsonWebKey

Converts a CryptoPublicKey to a JsonWebKey

fun SymmetricKey<*, *, *>.toJsonWebKey(keyId: String? = this.jwkId): KmmResult<JsonWebKey>

Converts a at.asitplus.signum.indispensable.symmetric.SymmetricKey to a JsonWebKey

fun SymmetricKey<*, *, *>.toJsonWebKey(keyId: String? = this.jwkId, vararg includedOps: String): KmmResult<JsonWebKey>

Converts this symmetric key to a JsonWebKey. algorithm may be null for algorithms, which do not directly correspond to a valid JWA alg identifier but will still be encoded.

Link copied to clipboard
fun SymmetricEncryptionAlgorithm<*, *, *>.toJweKwAlgorithm(): KmmResult<JweAlgorithm.Symmetric>

Tries to map this algorithm to a matching JsonWebAlgorithm for key wrapping. Mappings exist for the following algorithms (as others are not direct mappings of symmetric algorithms):

Link copied to clipboard
fun DataIntegrityAlgorithm.toJwsAlgorithm(): KmmResult<JwsAlgorithm>
fun MessageAuthenticationCode.toJwsAlgorithm(): KmmResult<JwsAlgorithm>

fun SignatureAlgorithm.toJwsAlgorithm(): KmmResult<JwsAlgorithm>

Tries to find a matching JWS algorithm. Note that JWS imposes curve restrictions on ECDSA based on the digest.

fun SpecializedDataIntegrityAlgorithm.toJwsAlgorithm(): KmmResult<JwsAlgorithm>

Tries to find a matching JWS algorithm

fun SpecializedMessageAuthenticationCode.toJwsAlgorithm(): KmmResult<JwsAlgorithm>
fun SpecializedSignatureAlgorithm.toJwsAlgorithm(): KmmResult<JwsAlgorithm>

Tries to find a matching JWS algorithm.