org.jose4j.jws

Class JsonWebSignature

java.lang.Object

org.jose4j.jwx.JsonWebStructure

org.jose4j.jws.JsonWebSignature

public class JsonWebSignature
extends JsonWebStructure

The JsonWebSignature class is used to produce and consume JSON Web Signature (JWS) as defined in RFC 7515.

Field Summary

Fields

Modifier and Type	Field and Description
static short	COMPACT_SERIALIZATION_PARTS

Fields inherited from class org.jose4j.jwx.JsonWebStructure

base64url, doKeyValidation, headers, rawCompactSerialization

Constructor Summary

Constructors

Constructor and Description
JsonWebSignature()

Method Summary

Methods

Modifier and Type	Method and Description
JsonWebSignatureAlgorithm	getAlgorithm()
JsonWebSignatureAlgorithm	getAlgorithmNoConstraintCheck()
String	getCompactSerialization() Sign and produce the JWS Compact Serialization.
String	getDetachedContentCompactSerialization() Produces the compact serialization with an empty/detached payload as described in Appendix F, Detached Content, of the JWS spec though providing library support rather than making the application do it all as described therein.
String	getEncodedPayload() Gets the base64url encoded JWS Payload.
String	getEncodedSignature()
KeyPersuasion	getKeyPersuasion()
String	getKeyType()
String	getPayload() Gets the JWS payload as a string.
byte[]	getPayloadBytes() Get the JWS payload.
String	getPayloadCharEncoding() Gets the character encoding used for the string representation of the JWS payload.
protected byte[]	getSignature()
String	getUnverifiedPayload() Gets the JWS payload as a string.
byte[]	getUnverifiedPayloadBytes() Get the JWS payload.
protected boolean	isRfc7797UnencodedPayload()
protected boolean	isSupportedCriticalHeader(String headerName)
protected void	onNewKey()
protected void	setCompactSerializationParts(String[] parts)
void	setEncodedPayload(String encodedPayload)
void	setPayload(String payload) Sets the JWS payload as a string.
void	setPayloadBytes(byte[] payloadBytes) Sets the JWS payload.
void	setPayloadCharEncoding(String payloadCharEncoding) Sets the character encoding used for the string representation of the JWS payload (i.e.
protected void	setSignature(byte[] signature)
void	sign() Compute the JWS signature.
boolean	verifySignature() Verify the signature of the JWS.

Methods inherited from class org.jose4j.jwx.JsonWebStructure

checkCrit, checkNotEmptyPart, fromCompactSerialization, getAlgorithmConstraints, getAlgorithmHeaderValue, getCertificateChainHeaderValue, getContentTypeHeaderValue, getEncodedHeader, getHeader, getHeader, getHeaders, getIntegrity, getKey, getKeyIdHeaderValue, getLeafCertificateHeaderValue, getProviderCtx, getX509CertSha1ThumbprintHeaderValue, getX509CertSha256ThumbprintHeaderValue, isDoKeyValidation, setAlgorithmConstraints, setAlgorithmHeaderValue, setCertificateChainHeaderValue, setCompactSerialization, setContentTypeHeaderValue, setCriticalHeaderNames, setDoKeyValidation, setEncodedHeader, setHeader, setIntegrity, setKey, setKeyIdHeaderValue, setKnownCriticalHeaders, setProviderContext, setX509CertSha1ThumbprintHeaderValue, setX509CertSha1ThumbprintHeaderValue, setX509CertSha256ThumbprintHeaderValue, setX509CertSha256ThumbprintHeaderValue, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

COMPACT_SERIALIZATION_PARTS

public static final short COMPACT_SERIALIZATION_PARTS

See Also:

Constant Field Values

Constructor Detail

JsonWebSignature

public JsonWebSignature()

Method Detail

setPayload

public void setPayload(String payload)

Sets the JWS payload as a string. Use setPayloadCharEncoding(String) before calling this method, to use a character encoding other than UTF-8.

Specified by:

setPayload in class JsonWebStructure

Parameters:

payload - the payload, as a string, to be singed.

getPayloadBytes

public byte[] getPayloadBytes()
                       throws JoseException

Get the JWS payload.

Returns:

the sequence of bytes that make up the JWS payload.

Throws:

JoseException - if the JWS signature is invalid or an error condition is encountered during the signature verification process

getUnverifiedPayloadBytes

public byte[] getUnverifiedPayloadBytes()

Get the JWS payload. Unlike getPayloadBytes() the signature is not verified when calling this method.

Returns:

the sequence of bytes that make up the JWS payload.

setPayloadBytes

public void setPayloadBytes(byte[] payloadBytes)

Sets the JWS payload.

Parameters:

payloadBytes - the payload, as a byte array, to be singed

setCompactSerializationParts

protected void setCompactSerializationParts(String[] parts)
                                     throws JoseException

Specified by:

setCompactSerializationParts in class JsonWebStructure

Throws:

JoseException

getCompactSerialization

public String getCompactSerialization()
                               throws JoseException

Sign and produce the JWS Compact Serialization.

The JWS Compact Serialization represents digitally signed or MACed content as a compact, URL-safe string. This string is:

BASE64URL(UTF8(JWS Protected Header)) || '.' || BASE64URL(JWS Payload) || '.' || BASE64URL(JWS Signature)

Specified by:

getCompactSerialization in class JsonWebStructure

Returns:

the Compact Serialization: the encoded header + "." + the encoded payload + "." + the encoded signature

Throws:

JoseException

getDetachedContentCompactSerialization

public String getDetachedContentCompactSerialization()
                                              throws JoseException

Produces the compact serialization with an empty/detached payload as described in Appendix F, Detached Content, of the JWS spec though providing library support rather than making the application do it all as described therein.

Returns:

the encoded header + ".." + the encoded signature

Throws:

JoseException - if an error condition is encountered during the signing process

sign

public void sign()
          throws JoseException

Compute the JWS signature.

Throws:

JoseException - if an error condition is encountered during the signing process

onNewKey

protected void onNewKey()

Overrides:

onNewKey in class JsonWebStructure

verifySignature

public boolean verifySignature()
                        throws JoseException

Verify the signature of the JWS.

Returns:

true if the signature is valid, false otherwise

Throws:

JoseException - if an error condition is encountered during the signature verification process

isSupportedCriticalHeader

protected boolean isSupportedCriticalHeader(String headerName)

Overrides:

isSupportedCriticalHeader in class JsonWebStructure

getAlgorithm

public JsonWebSignatureAlgorithm getAlgorithm()
                                       throws InvalidAlgorithmException

Specified by:

getAlgorithm in class JsonWebStructure

Throws:

InvalidAlgorithmException

getAlgorithmNoConstraintCheck

public JsonWebSignatureAlgorithm getAlgorithmNoConstraintCheck()
                                                        throws InvalidAlgorithmException

Specified by:

getAlgorithmNoConstraintCheck in class JsonWebStructure

Throws:

InvalidAlgorithmException

isRfc7797UnencodedPayload

protected boolean isRfc7797UnencodedPayload()

getPayload

public String getPayload()
                  throws JoseException

Gets the JWS payload as a string. Use setPayloadCharEncoding(String) before calling this method, to use a character encoding other than UTF-8.

Specified by:

getPayload in class JsonWebStructure

Returns:

the JWS payload

Throws:

JoseException - if the JWS signature is invalid or an error condition is encountered during the signature verification process

getUnverifiedPayload

public String getUnverifiedPayload()

Gets the JWS payload as a string. Unlike getPayload() the signature is not verified when calling this method. Use setPayloadCharEncoding(String) before calling this method, to use a character encoding other than UTF-8.

getPayloadCharEncoding

public String getPayloadCharEncoding()

Gets the character encoding used for the string representation of the JWS payload. The default encoding is UTF-8.

Returns:

the character encoding

setPayloadCharEncoding

public void setPayloadCharEncoding(String payloadCharEncoding)

Sets the character encoding used for the string representation of the JWS payload (i.e. when using getPayload(), getUnverifiedPayload(), or setPayload(String)). The default encoding is UTF-8.

Parameters:

payloadCharEncoding - the character encoding to use for the string representation of the JWS payload

getKeyType

public String getKeyType()
                  throws InvalidAlgorithmException

Throws:

InvalidAlgorithmException

getKeyPersuasion

public KeyPersuasion getKeyPersuasion()
                               throws InvalidAlgorithmException

Throws:

InvalidAlgorithmException

setEncodedPayload

public void setEncodedPayload(String encodedPayload)

getEncodedPayload

public String getEncodedPayload()

Gets the base64url encoded JWS Payload.

Returns:

the base64url encoded JWS Payload.

getEncodedSignature

public String getEncodedSignature()

getSignature

protected byte[] getSignature()

setSignature

protected void setSignature(byte[] signature)