org.forgerock.json.jose.jws

Class EncryptedThenSignedJwt

java.lang.Object

org.forgerock.json.jose.jws.SignedJwt

org.forgerock.json.jose.jws.EncryptedThenSignedJwt

All Implemented Interfaces:

Jwt, Payload

Direct Known Subclasses:

SignedEncryptedJwt

public class EncryptedThenSignedJwt
extends SignedJwt

An implementation of a JWS with a nested JWE as its payload.

Since:

2.0.0

See Also:

SignedJwt, EncryptedJwt

Constructor Summary

Constructors

Constructor and Description
EncryptedThenSignedJwt(JwsHeader header, EncryptedJwt nestedJwe, byte[] signingInput, byte[] signature) Constructs a reconstructed SignedEncryptedJwt from its constituent parts, the JwsHeader, nested Encrypted JWT, signing input and signature.
EncryptedThenSignedJwt(JwsHeader header, EncryptedJwt nestedJwe, SigningHandler signingHandler) Constructs a fresh, new SignedEncryptedJwt from the given JwsHeader and nested Encrypted JWT.

Method Summary

Modifier and Type	Method and Description
EncryptedThenSignedJwt	copy() Create a copy of the current payload.
void	decrypt(Key privateKey) Decrypts the JWE so that it Claims Set can be accessed.
JwtClaimsSet	getClaimsSet() Gets the claims set object for the nested Encrypted JWT that is the payload of this JWS.
JweHeader	getJweHeader() Get the header of the encapsulated EncryptedJwt.

Methods inherited from class org.forgerock.json.jose.jws.SignedJwt

build, getHeader, getPayload, verify

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EncryptedThenSignedJwt

public EncryptedThenSignedJwt(JwsHeader header,
                              EncryptedJwt nestedJwe,
                              SigningHandler signingHandler)

Constructs a fresh, new SignedEncryptedJwt from the given JwsHeader and nested Encrypted JWT.

The specified private key will be used in the creation of the JWS signature.

Parameters:

header - The JwsHeader containing the header parameters of the JWS.

nestedJwe - The nested Encrypted JWT that will be the payload of this JWS.

signingHandler - The SigningHandler instance used to sign the JWS.

EncryptedThenSignedJwt

public EncryptedThenSignedJwt(JwsHeader header,
                              EncryptedJwt nestedJwe,
                              byte[] signingInput,
                              byte[] signature)

Constructs a reconstructed SignedEncryptedJwt from its constituent parts, the JwsHeader, nested Encrypted JWT, signing input and signature.

For use when a signed nested encrypted JWT has been reconstructed from its base64url encoded string representation and the signature needs verifying.

Parameters:

header - The JwsHeader containing the header parameters of the JWS.

nestedJwe - The nested Encrypted JWT that is the payload of the JWS.

signingInput - The original data that was signed, being the base64url encoding of the JWS header and payload concatenated using a "." character.

signature - The resulting signature of signing the signing input.

Method Detail

getClaimsSet

public JwtClaimsSet getClaimsSet()

Gets the claims set object for the nested Encrypted JWT that is the payload of this JWS.

Specified by:

getClaimsSet in interface Jwt

Overrides:

getClaimsSet in class SignedJwt

Returns:

The JWTs Claims Set.

See Also:

Jwt.getClaimsSet()

decrypt

public void decrypt(Key privateKey)

Decrypts the JWE so that it Claims Set can be accessed.

The same private key must be given here that is the pair to the public key that was used to encrypt the JWT.

Parameters:

privateKey - The private key pair to the public key that encrypted the JWT.

getJweHeader

public JweHeader getJweHeader()

Get the header of the encapsulated EncryptedJwt.

Returns:

The JWE header.

copy

public EncryptedThenSignedJwt copy()

Description copied from interface: Payload

Create a copy of the current payload.

Specified by:

copy in interface Payload

Overrides:

copy in class SignedJwt

Returns:

a copy of the payload.