@ThreadSafe public class Ed25519Verifier extends EdDSAProvider implements JWSVerifier, CriticalHeaderParamsAware
JWS objects
.
Expects a public OctetKeyPair
with "crv"
Ed25519.
Uses the Edwards-curve Digital Signature Algorithm (EdDSA).
See RFC 8037 for more information.
This class is thread-safe.
Supports the following algorithm:
with the following curve:
SUPPORTED_ALGORITHMS
Constructor and Description |
---|
Ed25519Verifier(OctetKeyPair publicKey)
Creates a new Ed25519 verifier.
|
Ed25519Verifier(OctetKeyPair publicKey,
Set<String> defCritHeaders)
Creates a Ed25519 verifier.
|
Modifier and Type | Method and Description |
---|---|
Set<String> |
getDeferredCriticalHeaderParams()
Returns the names of the critical (
crit ) header parameters
that are deferred to the application for processing and will be
ignored by the JWS verifier / JWE decrypter. |
Set<String> |
getProcessedCriticalHeaderParams()
Returns the names of the critical (
crit ) header parameters
that are understood and processed by the JWS verifier / JWE
decrypter. |
OctetKeyPair |
getPublicKey()
Returns the public key.
|
boolean |
verify(JWSHeader header,
byte[] signedContent,
Base64URL signature)
Verifies the specified
signature of a
JWS object . |
getJCAContext, supportedJWSAlgorithms
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
supportedJWSAlgorithms
getJCAContext
public Ed25519Verifier(OctetKeyPair publicKey) throws JOSEException
publicKey
- The public Ed25519 key. Must not be null
.JOSEException
- If the key subtype is not supportedpublic Ed25519Verifier(OctetKeyPair publicKey, Set<String> defCritHeaders) throws JOSEException
publicKey
- The public Ed25519 key. Must not be null
.defCritHeaders
- The names of the critical header parameters
that are deferred to the application for
processing, empty set or null
if none.JOSEException
- If the key subtype is not supported.public OctetKeyPair getPublicKey()
public Set<String> getProcessedCriticalHeaderParams()
CriticalHeaderParamsAware
crit
) header parameters
that are understood and processed by the JWS verifier / JWE
decrypter.getProcessedCriticalHeaderParams
in interface CriticalHeaderParamsAware
public Set<String> getDeferredCriticalHeaderParams()
CriticalHeaderParamsAware
crit
) header parameters
that are deferred to the application for processing and will be
ignored by the JWS verifier / JWE decrypter.getDeferredCriticalHeaderParams
in interface CriticalHeaderParamsAware
public boolean verify(JWSHeader header, byte[] signedContent, Base64URL signature) throws JOSEException
JWSVerifier
signature
of a
JWS object
.verify
in interface JWSVerifier
header
- The JSON Web Signature (JWS) header. Must
specify a supported JWS algorithm and must not
be null
.signedContent
- The signing input. Must not be null
.signature
- The signature part of the JWS object. Must not
be null
.true
if the signature was successfully verified,
false
if the signature is invalid or if a critical
header is neither supported nor marked for deferral to the
application.JOSEException
- If the JWS algorithm is not supported, or if
signature verification failed for some other
internal reason.Copyright © 2020 Connect2id Ltd.. All rights reserved.