Package com.nimbusds.jose.crypto

Class PasswordBasedEncrypter

    • Constructor Detail

      • PasswordBasedEncrypter

        public PasswordBasedEncrypter​(byte[] password,
                              int saltLength,
                              int iterationCount)
        Creates a new password-based encrypter.
        Parameters:
        password - The password bytes. Must not be empty or null.
        saltLength - The length of the generated cryptographic salts, in bytes. Must be at least 8 bytes.
        iterationCount - The pseudo-random function (PRF) iteration count. Must be at least 1000.

      • PasswordBasedEncrypter

        public PasswordBasedEncrypter​(String password,
                              int saltLength,
                              int iterationCount)
        Creates a new password-based encrypter.
        Parameters:
        password - The password, as a UTF-8 encoded string. Must not be empty or null.
        saltLength - The length of the generated cryptographic salts, in bytes. Must be at least 8 bytes.
        iterationCount - The pseudo-random function (PRF) iteration count. Must be at least 1000.

    • Method Detail

      • encrypt

        @Deprecated
public JWECryptoParts encrypt​(JWEHeader header,
                              byte[] clearText)
                       throws JOSEException
        Deprecated.
        Encrypts the specified clear text of a JWE object.
        Parameters:
        header - The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not be null.
        clearText - The clear text to encrypt. Must not be null.
        Returns:
        The resulting JWE crypto parts.
        Throws:
        JOSEException - If the JWE algorithm or method is not supported or if encryption failed for some other internal reason.

      • encrypt

        public JWECryptoParts encrypt​(JWEHeader header,
                              byte[] clearText,
                              byte[] aad)
                       throws JOSEException
        Description copied from interface: JWEEncrypter
        Encrypts the specified clear text of a JWE object.
        Specified by:
        encrypt in interface JWEEncrypter
        Parameters:
        header - The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not be null.
        clearText - The clear text to encrypt. Must not be null.
        aad - The additional authenticated data. Must not be null.
        Returns:
        The resulting JWE crypto parts.
        Throws:
        JOSEException - If the JWE algorithm or method is not supported or if encryption failed for some other internal reason.

      • getSaltLength

        public int getSaltLength()
        Returns the length of the generated cryptographic salts.
        Returns:
        The length of the generated cryptographic salts, in bytes.

      • getIterationCount

        public int getIterationCount()
        Returns the pseudo-random function (PRF) iteration count.
        Returns:
        The iteration count.

      • supportedJWEAlgorithms

        public Set<JWEAlgorithm> supportedJWEAlgorithms()
        Description copied from interface: JWEProvider
        Returns the names of the supported algorithms by the JWE provider instance. These correspond to the alg JWE header parameter.
        Specified by:
        supportedJWEAlgorithms in interface JWEProvider
        Returns:
        The supported JWE algorithms, empty set if none.

      • supportedEncryptionMethods

        public Set<EncryptionMethod> supportedEncryptionMethods()
        Description copied from interface: JWEProvider
        Returns the names of the supported encryption methods by the JWE provier. These correspond to the enc JWE header parameter.
        Specified by:
        supportedEncryptionMethods in interface JWEProvider
        Returns:
        The supported encryption methods, empty set if none.

      • getJCAContext

        public JWEJCAContext getJCAContext()
        Description copied from interface: JCAAware
        Returns the Java Cryptography Architecture (JCA) context. May be used to set a specific JCA security provider or secure random generator.
        Specified by:
        getJCAContext in interface JCAAware<JWEJCAContext>
        Returns:
        The JCA context. Not null.

      • isCEKProvided

        protected boolean isCEKProvided()
        Returns true if a content encryption key (CEK) was provided at construction time.
        Returns:
        true if a CEK was provided at construction time, false if CEKs will be internally generated.

      • getCEK

        protected SecretKey getCEK​(EncryptionMethod enc)
                    throws JOSEException
        Returns the content encryption key (CEK) to use. Unless a CEK was provided at construction time this will be a new internally generated CEK.
        Parameters:
        enc - The encryption method. Must not be null.
        Returns:
        The content encryption key (CEK).
        Throws:
        JOSEException - If an internal exception is encountered.