public class DirectDecrypter extends Object implements JWEDecrypter
JWE objects
with a
shared symmetric key. This class is thread-safe.
Supports the following JWE algorithms:
Supports the following encryption methods:
EncryptionMethod.A128CBC_HS256
EncryptionMethod.A256CBC_HS512
EncryptionMethod.A128GCM
EncryptionMethod.A256GCM
Accepts all reserved JWE header parameters
. Modify the header filter
properties to restrict the acceptable JWE algorithms,
encryption methods and header parameters, or to allow custom JWE header
parameters.
Modifier and Type | Field and Description |
---|---|
static Set<JWEAlgorithm> |
SUPPORTED_ALGORITHMS
The supported JWE algorithms.
|
static Set<EncryptionMethod> |
SUPPORTED_ENCRYPTION_METHODS
The supported encryption methods.
|
Constructor and Description |
---|
DirectDecrypter(byte[] keyBytes)
Creates a new direct decrypter.
|
DirectDecrypter(SecretKey key)
Creates a new direct decrypter.
|
Modifier and Type | Method and Description |
---|---|
byte[] |
decrypt(ReadOnlyJWEHeader readOnlyJWEHeader,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag)
Decrypts the specified cipher text of a
JWE Object . |
JWEHeaderFilter |
getJWEHeaderFilter()
Gets the JWE header filter associated with the decrypter.
|
SecretKey |
getKey()
Gets the shared symmetric key.
|
Set<JWEAlgorithm> |
supportedAlgorithms()
Returns the names of the supported JWE algorithms.
|
Set<EncryptionMethod> |
supportedEncryptionMethods()
Returns the names of the supported encryption methods.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
supportedAlgorithms, supportedEncryptionMethods
public static final Set<JWEAlgorithm> SUPPORTED_ALGORITHMS
public static final Set<EncryptionMethod> SUPPORTED_ENCRYPTION_METHODS
public DirectDecrypter(SecretKey key) throws JOSEException
key
- The shared symmetric key. Its algorithm must be "AES".
Must be 128 bits (16 bytes), 256 bits (32 bytes) or 512
bits (64 bytes) long. Must not be null
.JOSEException
- If the key length is unexpected.public DirectDecrypter(byte[] keyBytes) throws JOSEException
keyBytes
- The shared symmetric key, as a byte array. Must be
128 bits (16 bytes), 256 bits (32 bytes) or 512 bits
(64 bytes) long. Must not be null
.JOSEException
- If the key length is unexpected.public JWEHeaderFilter getJWEHeaderFilter()
JWEDecrypter
supported JWE
algorithms
and header parameters that the decrypter is configured to
accept.
Attempting to decrypt
a JWE object with an
algorithm or header parameter that is not accepted must result in a
JOSEException
.
getJWEHeaderFilter
in interface JWEDecrypter
public byte[] decrypt(ReadOnlyJWEHeader readOnlyJWEHeader, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag) throws JOSEException
JWEDecrypter
JWE Object
.decrypt
in interface JWEDecrypter
readOnlyJWEHeader
- The JSON Web Encryption (JWE) header. Must
specify an accepted JWE algorithm, must contain
only accepted header parameters, and must not
be null
.encryptedKey
- The encrypted key, null
if not required
by the JWE algorithm.iv
- The initialisation vector, null
if not
required by the JWE algorithm.cipherText
- The cipher text to decrypt. Must not be
null
.authTag
- The authentication tag, null
if not
required.JOSEException
- If the JWE algorithm is not accepted, if a
header parameter is not accepted, or if
decryption failed for some other reason.public Set<JWEAlgorithm> supportedAlgorithms()
JWEAlgorithmProvider
alg
JWE header parameter.supportedAlgorithms
in interface JWEAlgorithmProvider
public Set<EncryptionMethod> supportedEncryptionMethods()
JWEAlgorithmProvider
enc
JWE header parameter.supportedEncryptionMethods
in interface JWEAlgorithmProvider
Copyright © 2013 NimbusDS. All Rights Reserved.