Source code

001/*
002 * nimbus-jose-jwt
003 *
004 * Copyright 2012-2021, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.jose;
019
020
021import com.nimbusds.jose.util.Base64URL;
022
023import java.util.List;
024
025/**
026 * JSON Web Encryption (JWE) decrypter for multiple recipients.
027 * It should be used only for General JSON Serialization {@link JWEObjectJSON}.
028 *
029 *
030 * @author Alexander Martynov
031 * @version 2021-08-19
032 */
033public interface JWEDecrypterMulti extends JWEProvider {
034
035        /**
036         * Decrypts the specified cipher text of a {@link JWEObject JWE Object}.
037         * May decrypt multi keys.
038         *
039         * @param header       The JSON Web Encryption (JWE) header. Must
040         *                     specify a supported JWE algorithm and method.
041         *                     Must not be {@code null}.
042         * @param recipients   The recipients, {@code null} if not required
043         *                     by the JWE algorithm.
044         * @param iv           The initialisation vector, {@code null} if not
045         *                     required by the JWE algorithm.
046         * @param cipherText   The cipher text to decrypt. Must not be
047         *                     {@code null}.
048         * @param authTag      The authentication tag, {@code null} if not
049         *                     required.
050         *
051         * @return The clear text.
052         *
053         * @throws JOSEException If the JWE algorithm or method is not
054         *                       supported, if a critical header parameter is
055         *                       not supported or marked for deferral to the
056         *                       application, or if decryption failed for some
057         *                       other reason.
058         */
059        byte[] decrypt(final JWEHeader header,
060                   final List<JWERecipient> recipients,
061                   final Base64URL iv,
062                   final Base64URL cipherText,
063                   final Base64URL authTag)
064                throws JOSEException;
065}