...
The following table shows the key encryption algorithms and the corresponding providers:
RSAKeyEncryptionAlgorithm
KeyEncryptionProvider | KeyDecryptionProvider | |
RSAES-PKCS1-v1_5 | RSAKeyEncryptionAlgorithm | RSAKeyDecryptionAlgorithm |
RSAES OAEP | RSAKeyEncryptionAlgorithm | RSAKeyDecryptionAlgorithm |
AES Key Wrap | AesKeyWrapEncryptionAlgorithm | AesKeyWrapDecryptionAlgorithm |
Direct | DirectKeyEncryptionAlgorithm | DirectKeyDecryptionAlgorithm |
ECDH-ES Wrap | EcDsaJwsSignatureProvider | EcDsaJwsSignatureVerifier |
RSASSA-PSS | PrivateKeyJwsSignatureProvider | PublicKeyJwsSignatureVerifier |
None | NoneJwsSignatureProvider | NoneJwsSignatureVerifier |
EcdhAesWrapKeyEncryptionAlgorithm | EcdhAesWrapKeyDecryptionAlgorithm | |
ECDH-ES Direct | EcdhDirectKeyJweEncryption | EcdhDirectKeyJweDecryption |
AES-GCM | AesGcmWrapKeyEncryptionAlgorithm | AesGcmWrapKeyDecryptionAlgorithm |
PBES2 | PbesHmacAesWrapKeyEncryptionAlgorithm | PbesHmacAesWrapKeyDecryptionAlgorithm |
ContentEncryptionProvider supports encrypting a generated content-encryption key, ContentDecryptionProvider - decrypting it.
The following table shows the content encryption algorithms and the corresponding providers:
ContentEncryptionProvider | ContentDecryptionProvider | |
AES_CBC_HMAC_SHA2 | AesCbcHmacJweEncryption | AesCbcHmacJweDecryption |
AES-GCM | AesGcmContentEncryptionAlgorithm | AesGcmContentDecryptionAlgorithm |
All of the above Either of these providers can be initialized with the keys loaded from JWK or JCA stores or from the in-memory representations.
...