Package org.jose4j.jws

Class JsonWebSignature

java.lang.Object
org.jose4j.jwx.JsonWebStructure
org.jose4j.jws.JsonWebSignature
public class JsonWebSignature extends JsonWebStructure
The JsonWebSignature class is used to produce and consume JSON Web Signature (JWS) as defined in RFC 7515.

  • Field Details

    • COMPACT_SERIALIZATION_PARTS

      public static final short COMPACT_SERIALIZATION_PARTS
      See Also:

  • Constructor Details

    • JsonWebSignature

      public JsonWebSignature()

  • Method Details

    • setPayload

      public void setPayload(String payload)
      Sets the JWS payload as a string. Use setPayloadCharEncoding(String) before calling this method, to use a character encoding other than UTF-8.
      Specified by:
      setPayload in class JsonWebStructure
      Parameters:
      payload - the payload, as a string, to be singed.

    • getPayloadBytes

      public byte[] getPayloadBytes() throws JoseException
      Get the JWS payload.
      Returns:
      the sequence of bytes that make up the JWS payload.
      Throws:
      JoseException - if the JWS signature is invalid or an error condition is encountered during the signature verification process

    • getUnverifiedPayloadBytes

      public byte[] getUnverifiedPayloadBytes()
      Get the JWS payload. Unlike getPayloadBytes() the signature is not verified when calling this method.
      Returns:
      the sequence of bytes that make up the JWS payload.

    • setPayloadBytes

      public void setPayloadBytes(byte[] payloadBytes)
      Sets the JWS payload.
      Parameters:
      payloadBytes - the payload, as a byte array, to be singed

    • setCompactSerializationParts

      protected void setCompactSerializationParts(String[] parts) throws JoseException
      Specified by:
      setCompactSerializationParts in class JsonWebStructure
      Throws:
      JoseException

    • getCompactSerialization

      public String getCompactSerialization() throws JoseException

      Sign and produce the JWS Compact Serialization.

      The JWS Compact Serialization represents digitally signed or MACed content as a compact, URL-safe string. This string is:

      BASE64URL(UTF8(JWS Protected Header)) || '.' || BASE64URL(JWS Payload) || '.' || BASE64URL(JWS Signature)

      Specified by:
      getCompactSerialization in class JsonWebStructure
      Returns:
      the Compact Serialization: the encoded header + "." + the encoded payload + "." + the encoded signature
      Throws:
      JoseException - if an error condition is encountered during the process

    • getDetachedContentCompactSerialization

      public String getDetachedContentCompactSerialization() throws JoseException
      Produces the compact serialization with an empty/detached payload as described in Appendix F, Detached Content, of the JWS spec though providing library support rather than making the application do it all as described therein.
      Returns:
      the encoded header + ".." + the encoded signature
      Throws:
      JoseException - if an error condition is encountered during the signing process

    • prepareSigningPrimitive

      public CryptoPrimitive prepareSigningPrimitive() throws JoseException
      Create, initialize (using the key and ProviderContext) and return the CryptoPrimitive that this JWS instance will use for signing. This can optionally be called after setting the key (and maybe ProviderContext) but before getting the compact serialization (which is when the singing magic happens). This method provides access to the underlying primitive instance (e.g. a Signature), which allows execution of the operation to be gated by some approval or authorization. For example, signing on Android with a key that was set to require user authentication when created needs a biometric prompt to allow the signature to execute with the key.
      Returns:
      a CryptoPrimitive containing either a Signature or Mac, or null
      Throws:
      JoseException - if an error condition is encountered during the initialization process

    • sign

      public void sign() throws JoseException
      Compute the JWS signature.
      Throws:
      JoseException - if an error condition is encountered during the signing process

    • onNewKey

      protected void onNewKey()
      Overrides:
      onNewKey in class JsonWebStructure

    • verifySignature

      public boolean verifySignature() throws JoseException
      Verify the signature of the JWS.
      Returns:
      true if the signature is valid, false otherwise
      Throws:
      JoseException - if an error condition is encountered during the signature verification process

    • isSupportedCriticalHeader

      protected boolean isSupportedCriticalHeader(String headerName)
      Overrides:
      isSupportedCriticalHeader in class JsonWebStructure

    • getAlgorithm

      public JsonWebSignatureAlgorithm getAlgorithm() throws InvalidAlgorithmException
      Specified by:
      getAlgorithm in class JsonWebStructure
      Throws:
      InvalidAlgorithmException

    • getAlgorithmNoConstraintCheck

      public JsonWebSignatureAlgorithm getAlgorithmNoConstraintCheck() throws InvalidAlgorithmException
      Specified by:
      getAlgorithmNoConstraintCheck in class JsonWebStructure
      Throws:
      InvalidAlgorithmException

    • isRfc7797UnencodedPayload

      protected boolean isRfc7797UnencodedPayload()

    • getPayload

      public String getPayload() throws JoseException
      Gets the JWS payload as a string. Use setPayloadCharEncoding(String) before calling this method, to use a character encoding other than UTF-8.
      Specified by:
      getPayload in class JsonWebStructure
      Returns:
      the JWS payload
      Throws:
      JoseException - if the JWS signature is invalid or an error condition is encountered during the signature verification process

    • getUnverifiedPayload

      public String getUnverifiedPayload()
      Gets the JWS payload as a string. Unlike getPayload() the signature is not verified when calling this method. Use setPayloadCharEncoding(String) before calling this method, to use a character encoding other than UTF-8.
      Returns:
      the JWS payload

    • getPayloadCharEncoding

      public String getPayloadCharEncoding()
      Gets the character encoding used for the string representation of the JWS payload. The default encoding is UTF-8.
      Returns:
      the character encoding

    • setPayloadCharEncoding

      public void setPayloadCharEncoding(String payloadCharEncoding)
      Sets the character encoding used for the string representation of the JWS payload (i.e. when using getPayload(), getUnverifiedPayload(), or setPayload(String)). The default encoding is UTF-8.
      Parameters:
      payloadCharEncoding - the character encoding to use for the string representation of the JWS payload

    • getKeyType

      public String getKeyType() throws InvalidAlgorithmException
      Throws:
      InvalidAlgorithmException

    • getKeyPersuasion

      public KeyPersuasion getKeyPersuasion() throws InvalidAlgorithmException
      Throws:
      InvalidAlgorithmException

    • setEncodedPayload

      public void setEncodedPayload(String encodedPayload)

    • getEncodedPayload

      public String getEncodedPayload()
      Gets the base64url encoded JWS Payload.
      Returns:
      the base64url encoded JWS Payload.

    • getEncodedSignature

      public String getEncodedSignature()

    • getSignature

      protected byte[] getSignature()

    • setSignature

      protected void setSignature(byte[] signature)