decryptWith
Configures the parser to decrypt JWE tokens using an RSA OAEP private key derived from the given Jwk.Rsa JWK.
Return
this builder for chaining
Parameters
the OAEP-based key encryption algorithm (RSA-OAEP or RSA-OAEP-256)
the RSA JWK containing the private key parameters, including d and the CRT parameters
optional key ID override; when set, the parser will only use this key if the token's kid header matches. Defaults to the JWK's own kid field.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default
Registers a direct (dir) SimpleKey symmetric key for JWE decryption.
Return
this builder for chaining
Parameters
the direct key encryption algorithm (EncryptionAlgorithm.Dir)
the SimpleKey wrapping the raw symmetric content encryption key
optional key ID to associate with this decryptor; when set, only tokens whose kid header matches will use this key. Defaults to null (matches any token).
Registers an RSA-OAEP (RSA-OAEP / RSA-OAEP-256) private key for JWE decryption.
Return
this builder for chaining
Parameters
the OAEP-based key encryption algorithm (RSA-OAEP or RSA-OAEP-256)
the RSA OAEP private key used to unwrap the content encryption key
optional key ID to associate with this decryptor; when set, only tokens whose kid header matches will use this key. Defaults to null (matches any token).
Registers a raw Key for JWE token decryption using any EncryptionAlgorithm.
Prefer the strongly typed overloads (e.g. decryptWith accepting RSA.OAEP.PrivateKey or SimpleKey) when possible, as they enforce the correct key type at compile time.
Return
this builder for chaining
Parameters
the JWE key-encryption algorithm this key is associated with
the raw cryptography-kotlin key to decrypt tokens with; must be compatible with algorithm
optional key ID to associate with this decryptor; when set, only tokens whose kid header matches will use this key. Defaults to null (matches any token).
Registers a pre-built EncryptionKey.DecryptionOnlyKey for JWE token decryption.
The algorithm and kid are taken from key's EncryptionKey.Identifier.
Return
this builder for chaining
Parameters
the decryption-only encryption key to register
Registers a pre-built EncryptionKey.EncryptionKeyPair for JWE token decryption.
The algorithm and kid are taken from key's EncryptionKey.Identifier. Both the public and private key material are stored, but only the private key is used for decryption.
Return
this builder for chaining
Parameters
the encryption key pair to register
Registers a direct key (dir) for JWE decryption from a raw ByteArray.
Return
this builder for chaining.
Parameters
the raw symmetric key bytes used for direct decryption.
the direct key encryption algorithm (EncryptionAlgorithm.Dir).
optional key ID to associate with this decryptor; when set, only tokens whose kid header matches will use this key. Defaults to null (matches any token).
Registers a direct key (dir) for JWE decryption from a UTF-8 String.
The string is converted to bytes using UTF-8 encoding before being used as the symmetric key.
Return
this builder for chaining.
Parameters
the symmetric key as a UTF-8 string.
the direct key encryption algorithm (EncryptionAlgorithm.Dir).
optional key ID to associate with this decryptor; when set, only tokens whose kid header matches will use this key. Defaults to null (matches any token).