Package org.forgerock.json.jose.jws

Class EncryptedThenSignedJwt

java.lang.Object

org.forgerock.json.jose.jws.SignedJwt

org.forgerock.json.jose.jws.EncryptedThenSignedJwt

All Implemented Interfaces:

Jwt, Payload

Direct Known Subclasses:

SignedEncryptedJwt

public class EncryptedThenSignedJwt
extends SignedJwt

An implementation of a JWS with a nested JWE as its payload.

Since:

2.0.0

See Also:

• SignedJwt
• EncryptedJwt

Constructor Summary

Constructors

Constructor	Description
EncryptedThenSignedJwt(JwsHeader header, EncryptedJwt nestedJwe, byte[] signingInput, byte[] signature)	Constructs a reconstructed SignedEncryptedJwt from its constituent parts, the JwsHeader, nested Encrypted JWT, signing input and signature.
EncryptedThenSignedJwt(JwsHeader header, EncryptedJwt nestedJwe, SigningHandler signingHandler)	Constructs a fresh, new SignedEncryptedJwt from the given JwsHeader and nested Encrypted JWT.

Method Summary

Modifier and Type	Method	Description
void	decrypt(Key privateKey)	Decrypts the JWE so that it Claims Set can be accessed.
JwtClaimsSet	getClaimsSet()	Gets the claims set object for the nested Encrypted JWT that is the payload of this JWS.

Methods inherited from class org.forgerock.json.jose.jws.SignedJwt

build, getHeader, getPayload, verify

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

EncryptedThenSignedJwt

public EncryptedThenSignedJwt(JwsHeader header,
 EncryptedJwt nestedJwe,
 SigningHandler signingHandler)

Constructs a fresh, new SignedEncryptedJwt from the given JwsHeader and nested Encrypted JWT.

The specified private key will be used in the creation of the JWS signature.

Parameters:

header - The JwsHeader containing the header parameters of the JWS.

nestedJwe - The nested Encrypted JWT that will be the payload of this JWS.

signingHandler - The SigningHandler instance used to sign the JWS.

EncryptedThenSignedJwt

public EncryptedThenSignedJwt(JwsHeader header,
 EncryptedJwt nestedJwe,
 byte[] signingInput,
 byte[] signature)

Constructs a reconstructed SignedEncryptedJwt from its constituent parts, the JwsHeader, nested Encrypted JWT, signing input and signature.

For use when a signed nested encrypted JWT has been reconstructed from its base64url encoded string representation and the signature needs verifying.

Parameters:

header - The JwsHeader containing the header parameters of the JWS.

nestedJwe - The nested Encrypted JWT that is the payload of the JWS.

signingInput - The original data that was signed, being the base64url encoding of the JWS header and payload concatenated using a "." character.

signature - The resulting signature of signing the signing input.

Method Details

getClaimsSet

public JwtClaimsSet getClaimsSet()

Gets the claims set object for the nested Encrypted JWT that is the payload of this JWS.

Specified by:

getClaimsSet in interface Jwt

Overrides:

getClaimsSet in class SignedJwt

Returns:

The JWTs Claims Set.

See Also:

• Jwt.getClaimsSet()

decrypt

public void decrypt(Key privateKey)

Decrypts the JWE so that it Claims Set can be accessed.

The same private key must be given here that is the pair to the public key that was used to encrypt the JWT.

Parameters:

privateKey - The private key pair to the public key that encrypted the JWT.