public class EncryptedJwt extends Object implements Jwt, Payload
JSON Web Encryption (JWE) is a representing encrypted content using JSON based data structures.
Constructor and Description |
---|
EncryptedJwt(JweHeader header,
JwtClaimsSet claimsSet,
Key publicKey)
Constructs a fresh, new EncryptedJwt from the given JweHeader and JwtClaimsSet.
|
EncryptedJwt(JweHeader header,
String encodedHeader,
byte[] encryptedContentEncryptionKey,
byte[] initialisationVector,
byte[] ciphertext,
byte[] authenticationTag)
Constructs a reconstructed EncryptedJwt from its constituent parts, the JweHeader, encrypted Content Encryption
Key (CEK), initialisation vector, ciphertext and additional authentication data.
|
Modifier and Type | Method and Description |
---|---|
String |
build()
Builds the JWT into a
String by following the steps specified in the relevant specification
according to whether the JWT is being signed and/or encrypted. |
void |
decrypt(Key privateKey)
Decrypts the JWE ciphertext back into a JwtClaimsSet.
|
JwtClaimsSet |
getClaimsSet()
Gets the claims set object for the Jwt, which contains all of the claims (name value pairs) conveyed by the JWT.
|
JwtHeader |
getHeader()
Gets the header object for the JWT, which contains properties which describe the cryptographic operations
applied to the JWT, among other properties.
|
public EncryptedJwt(JweHeader header, JwtClaimsSet claimsSet, Key publicKey)
The specified public key will be used to perform the encryption of the JWT.
header
- The JweHeader containing the header parameters of the JWE.claimsSet
- The JwtClaimsSet containing the claims of the JWE.publicKey
- The public key to use to perform the encryption.public EncryptedJwt(JweHeader header, String encodedHeader, byte[] encryptedContentEncryptionKey, byte[] initialisationVector, byte[] ciphertext, byte[] authenticationTag)
For use when an encrypted JWT has been reconstructed from its base64url encoded string representation and the JWT needs decrypting.
header
- The JweHeader containing the header parameters of the JWE.encodedHeader
- The Base64url encoded JWE header.encryptedContentEncryptionKey
- The encrypted Content Encryption Key (CEK).initialisationVector
- The initialisation vector.ciphertext
- The ciphertext.authenticationTag
- The authentication tag.public JwtHeader getHeader()
When the JWT is digitally signed or MACed, the JWT Header is a JWS Header. When the JWT is encrypted, the JWT Header is a JWE Header.
public JwtClaimsSet getClaimsSet()
getClaimsSet
in interface Jwt
public String build()
String
by following the steps specified in the relevant specification
according to whether the JWT is being signed and/or encrypted.
build
in interface Jwt
build
in interface Payload
Copyright 2011-2015 ForgeRock AS.