Class GenerateKeySpec
Object
GenerateKeySpec
GenerateKeySpec is a streamlined model for clients to request
generation of a new cryptographic key, without exposing all fields of
internal classes. It supports classical, post-quantum, and symmetric
algorithms, depending on the kty and alg you specify.
Clients can provide timestamps as ZonedDateTime objects (e.g.,
expiresAt for the hard expiration), and the SDK will handle
converting them to ISO-8601 before sending to the server. This removes the
burden of date/time formatting from the client application.
Example usage (fluent):
GenerateKeySpec spec = new GenerateKeySpec()
.setKid("myNewKey")
.setKty("ML-KEM")
.setAlg("ML-KEM-512")
.setExpiresAt(ZonedDateTime.parse("2030-06-30T23:59:59Z"))
.setSoftLimitExpiration(ZonedDateTime.parse("2029-12-31T23:59:59Z"))
.setMaxUsageLimit(50000)
.setSoftUsageLimit(40000);
sdk.generateKey(spec);
Example JSON (if serialized directly):
{
"kid": "myNewKey",
"kty": "ML-KEM",
"alg": "ML-KEM-512",
"keyOps": ["encrypt","decrypt"],
"exportable": true,
"expiresAt": "2030-06-30T23:59:59Z",
"softLimitExpiration": "2029-12-31T23:59:59Z",
"maxUsageLimit": 50000,
"softUsageLimit": 40000
}
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptiongetAlg()getKid()getKty()Sets the algorithm name.setExpiresAt(ZonedDateTime expiresAt) Sets hard expiration date/time.setExportable(Boolean exportable) Sets exportability.Sets permitted key operations.Sets the key identifier.Sets the key type.setMaxUsageLimit(Integer maxUsageLimit) Sets maximum usage limit (0/null = unlimited).setSoftLimitExpiration(ZonedDateTime softLimitExpiration) Sets soft-limit expiration date/time.setSoftUsageLimit(Integer softUsageLimit) Sets soft usage limit.
-
Constructor Details
-
GenerateKeySpec
public GenerateKeySpec()No-args constructor.
-
-
Method Details
-
getKid
- Returns:
- the key identifier (kid)
-
setKid
Sets the key identifier.- Parameters:
kid- the key identifier- Returns:
- this spec for chaining
-
getKty
- Returns:
- the key type (kty)
-
setKty
Sets the key type.- Parameters:
kty- the key type, e.g. "RSA", "ML-KEM"- Returns:
- this spec for chaining
-
getAlg
- Returns:
- the algorithm name
-
setAlg
Sets the algorithm name.- Parameters:
alg- the algorithm, e.g. "RSA-2048", "AES-256"- Returns:
- this spec for chaining
-
getKeyOps
-
setKeyOps
Sets permitted key operations.- Parameters:
keyOps- list of ops, e.g. ["encrypt","decrypt"]- Returns:
- this spec for chaining
-
getExportable
- Returns:
- whether key is exportable
-
setExportable
Sets exportability.- Parameters:
exportable- true if exportable- Returns:
- this spec for chaining
-
getExpiresAt
- Returns:
- hard expiration date/time in UTC
-
setExpiresAt
Sets hard expiration date/time.- Parameters:
expiresAt- a ZonedDateTime in UTC- Returns:
- this spec for chaining
-
getSoftLimitExpiration
- Returns:
- soft-limit expiration date/time in UTC
-
setSoftLimitExpiration
Sets soft-limit expiration date/time.- Parameters:
softLimitExpiration- a ZonedDateTime in UTC- Returns:
- this spec for chaining
-
getMaxUsageLimit
- Returns:
- maximum usage limit (0/null = unlimited)
-
setMaxUsageLimit
Sets maximum usage limit (0/null = unlimited).- Parameters:
maxUsageLimit- the limit- Returns:
- this spec for chaining
-
getSoftUsageLimit
- Returns:
- soft usage limit (warning threshold)
-
setSoftUsageLimit
Sets soft usage limit.- Parameters:
softUsageLimit- the soft limit- Returns:
- this spec for chaining
-