public interface JWEDecrypter extends JWEAlgorithmProvider
Callers can query the decrypter to determine its algorithm capabilities as well as the JWE algorithms and header parameters that are accepted for processing.
Modifier and Type | Method and Description |
---|---|
byte[] |
decrypt(JWEHeader header,
Base64URL encryptedKey,
Base64URL iv,
Base64URL cipherText,
Base64URL authTag)
Decrypts the specified cipher text of a
JWE Object . |
Set<JWEAlgorithm> |
getAcceptedAlgorithms()
Gets the names of the accepted JWE algorithms.
|
Set<EncryptionMethod> |
getAcceptedEncryptionMethods()
Gets the names of the accepted encryption methods.
|
Set<String> |
getIgnoredCriticalHeaderParameters()
Gets the names of the critical JWE header parameters to ignore.
|
void |
setAcceptedAlgorithms(Set<JWEAlgorithm> acceptedAlgs)
Sets the names of the accepted JWE algorithms.
|
void |
setAcceptedEncryptionMethods(Set<EncryptionMethod> acceptedEncs)
Sets the names of the accepted encryption methods.
|
void |
setIgnoredCriticalHeaderParameters(Set<String> headers)
Sets the names of the critical JWE header parameters to ignore.
|
setContentEncryptionProvider, setKeyEncryptionProvider, setMACProvider, setSecureRandom, supportedAlgorithms, supportedEncryptionMethods
setProvider
Set<JWEAlgorithm> getAcceptedAlgorithms()
alg
JWE header parameter.setAcceptedAlgorithms(java.util.Set<com.nimbusds.jose.JWEAlgorithm>)
void setAcceptedAlgorithms(Set<JWEAlgorithm> acceptedAlgs)
alg
JWE header parameter.
For JWE decrypters that support multiple JWE algorithms this method can be used to indicate that only a subset should be accepted for processing.
acceptedAlgs
- The accepted JWE algorithms. Must be a subset of
the supported algorithms and not null
.Set<EncryptionMethod> getAcceptedEncryptionMethods()
enc
JWE header parameter.setAcceptedEncryptionMethods(java.util.Set<com.nimbusds.jose.EncryptionMethod>)
void setAcceptedEncryptionMethods(Set<EncryptionMethod> acceptedEncs)
enc
JWE header parameter.
For JWE decrypters that support multiple encryption methods this method can be used to indicate that only a subset should be accepted for processing.
acceptedEncs
- The accepted encryption methods. Must be a
subset of the supported encryption methods and
not null
.Set<String> getIgnoredCriticalHeaderParameters()
crit
header parameter. The JWE
decrypter should not ignore critical headers by default.null
if none.void setIgnoredCriticalHeaderParameters(Set<String> headers)
crit
header parameter. The JWE
decrypter should not ignore critical headers by default. Use this
setter to delegate processing of selected critical headers to the
application.headers
- The names of the critical JWS header parameters to
ignore, empty or null
if none.byte[] decrypt(JWEHeader header, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag) throws JOSEException
JWE Object
.header
- The JSON Web Encryption (JWE) header. Must
specify an accepted JWE algorithm, must contain
only accepted header parameters, and must not
be null
.encryptedKey
- The encrypted key, null
if not required
by the JWE algorithm.iv
- The initialisation vector, null
if not
required by the JWE algorithm.cipherText
- The cipher text to decrypt. Must not be
null
.authTag
- The authentication tag, null
if not
required.JOSEException
- If the JWE algorithm is not accepted, if a
header parameter is not accepted, or if
decryption failed for some other reason.Copyright © 2015 Connect2id Ltd.. All Rights Reserved.