Package org.forgerock.json.jose.jwe
Class EncryptedJwt
java.lang.Object
org.forgerock.json.jose.jwe.EncryptedJwt
- Direct Known Subclasses:
SignedThenEncryptedJwt
A JWE implementation of the Jwt interface.
JSON Web Encryption (JWE) is a representing encrypted content using JSON based data structures.
- Since:
- 2.0.0
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionEncryptedJwt(JweHeader header, String encodedHeader, byte[] encryptedContentEncryptionKey, byte[] initialisationVector, byte[] ciphertext, byte[] authenticationTag) Constructs a reconstructed EncryptedJwt from its constituent parts, the JweHeader, encrypted Content Encryption Key (CEK), initialisation vector, ciphertext and additional authentication data.EncryptedJwt(JweHeader header, JwtClaimsSet payload, Key publicKey) Constructs a fresh, new EncryptedJwt from the given JweHeader and JwtClaimsSet. -
Method Summary
Modifier and TypeMethodDescriptionbuild()Builds the JWT into aStringby following the steps specified in the relevant specification according to whether the JWT is being signed and/or encrypted.voidDecrypts the JWE ciphertext back into a JwtClaimsSet.Gets the claims set object for the Jwt, which contains all of the claims (name value pairs) conveyed by the JWT.Gets the header object for the JWT, which contains properties which describe the cryptographic operations applied to the JWT, among other properties.
-
Constructor Details
-
EncryptedJwt
Constructs a fresh, new EncryptedJwt from the given JweHeader and JwtClaimsSet.The specified public key will be used to perform the encryption of the JWT.
- Parameters:
header- The JweHeader containing the header parameters of the JWE.payload- The claimset of the JWE.publicKey- The public key to use to perform the encryption.
-
EncryptedJwt
public EncryptedJwt(JweHeader header, String encodedHeader, byte[] encryptedContentEncryptionKey, byte[] initialisationVector, byte[] ciphertext, byte[] authenticationTag) Constructs a reconstructed EncryptedJwt from its constituent parts, the JweHeader, encrypted Content Encryption Key (CEK), initialisation vector, ciphertext and additional authentication data.For use when an encrypted JWT has been reconstructed from its base64url encoded string representation and the JWT needs decrypting.
- Parameters:
header- The JweHeader containing the header parameters of the JWE.encodedHeader- The Base64url encoded JWE header.encryptedContentEncryptionKey- The encrypted Content Encryption Key (CEK).initialisationVector- The initialisation vector.ciphertext- The ciphertext.authenticationTag- The authentication tag.
-
-
Method Details
-
getHeader
Description copied from interface:JwtGets the header object for the JWT, which contains properties which describe the cryptographic operations applied to the JWT, among other properties.When the JWT is digitally signed or MACed, the JWT Header is a JWS Header. When the JWT is encrypted, the JWT Header is a JWE Header.
-
getClaimsSet
Description copied from interface:JwtGets the claims set object for the Jwt, which contains all of the claims (name value pairs) conveyed by the JWT.- Specified by:
getClaimsSetin interfaceJwt- Returns:
- The JWTs Claims Set.
-
build
Description copied from interface:JwtBuilds the JWT into aStringby following the steps specified in the relevant specification according to whether the JWT is being signed and/or encrypted. -
decrypt
Decrypts the JWE ciphertext back into a JwtClaimsSet.The same private key must be given here that is the pair to the public key that was used to encrypt the JWT.
- Parameters:
privateKey- The private key pair to the public key that encrypted the JWT.
-