Package com.nimbusds.jose
Class JWEObject
java.lang.Object
com.nimbusds.jose.JOSEObject
com.nimbusds.jose.JWEObject
- All Implemented Interfaces:
Serializable
- Direct Known Subclasses:
EncryptedJWT
JSON Web Encryption (JWE) secured object with
compact
serialisation.
This class is thread-safe.
- Version:
- 2025-05-08
- Author:
- Vladimir Dzhuvinov, Egor Puzanov
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic enum
Enumeration of the states of a JSON Web Encryption (JWE) secured object. -
Field Summary
Modifier and TypeFieldDescriptionstatic final int
The maximum allowed character length of compressed cipher text.Fields inherited from class com.nimbusds.jose.JOSEObject
MIME_TYPE_COMPACT, MIME_TYPE_JS
-
Constructor Summary
ConstructorDescriptionCreates a new to-be-encrypted JSON Web Encryption (JWE) object with the specified header and payload.JWEObject
(Base64URL firstPart, Base64URL secondPart, Base64URL thirdPart, Base64URL fourthPart, Base64URL fifthPart) Creates a new encrypted JSON Web Encryption (JWE) object with the specified serialised parts. -
Method Summary
Modifier and TypeMethodDescriptionvoid
decrypt
(JWEDecrypter decrypter) Decrypts this JWE object with the specified decrypter.void
encrypt
(JWEEncrypter encrypter) Encrypts this JWE object with the specified encrypter.Returns the authentication tag of this JWE object.Returns the cipher text of this JWE object.Returns the encrypted key of this JWE object.Returns the header of this JOSE object.getIV()
Returns the initialisation vector (IV) of this JWE object.getState()
Returns the state of the JWE secured object.static JWEObject
Parses a JWE object from the specified string in compact form.Serialises this JWE object to its compact format consisting of Base64URL-encoded parts delimited by period ('.') characters.Methods inherited from class com.nimbusds.jose.JOSEObject
getParsedParts, getParsedString, getPayload, setParsedParts, setPayload, split
-
Field Details
-
MAX_COMPRESSED_CIPHER_TEXT_LENGTH
The maximum allowed character length of compressed cipher text.- See Also:
-
-
Constructor Details
-
JWEObject
Creates a new to-be-encrypted JSON Web Encryption (JWE) object with the specified header and payload. The initial state will beunencrypted
.- Parameters:
header
- The JWE header. Must not benull
.payload
- The payload. Must not benull
.
-
JWEObject
public JWEObject(Base64URL firstPart, Base64URL secondPart, Base64URL thirdPart, Base64URL fourthPart, Base64URL fifthPart) throws ParseException Creates a new encrypted JSON Web Encryption (JWE) object with the specified serialised parts. The state will beencrypted
.- Parameters:
firstPart
- The first part, corresponding to the JWE header. Must not benull
.secondPart
- The second part, corresponding to the encrypted key. Empty ornull
if none.thirdPart
- The third part, corresponding to the initialisation vector. Empty ornull
if none.fourthPart
- The fourth part, corresponding to the cipher text. Must not benull
.fifthPart
- The fifth part, corresponding to the authentication tag. Empty ofnull
if none.- Throws:
ParseException
- If parsing of the serialised parts failed.
-
-
Method Details
-
getHeader
Description copied from class:JOSEObject
Returns the header of this JOSE object.- Specified by:
getHeader
in classJOSEObject
- Returns:
- The header.
-
getEncryptedKey
Returns the encrypted key of this JWE object.- Returns:
- The encrypted key,
null
not applicable or the JWE object has not been encrypted yet.
-
getIV
Returns the initialisation vector (IV) of this JWE object.- Returns:
- The initialisation vector (IV),
null
if not applicable or the JWE object has not been encrypted yet.
-
getCipherText
Returns the cipher text of this JWE object.- Returns:
- The cipher text,
null
if the JWE object has not been encrypted yet.
-
getAuthTag
Returns the authentication tag of this JWE object.- Returns:
- The authentication tag,
null
if not applicable or the JWE object has not been encrypted yet.
-
getState
Returns the state of the JWE secured object.- Returns:
- The state.
-
encrypt
Encrypts this JWE object with the specified encrypter. The JWE object must be in anunencrypted
state.- Parameters:
encrypter
- The JWE encrypter. Must not benull
.- Throws:
IllegalStateException
- If the JWE object is not in anunencrypted state
.JOSEException
- If the JWE object couldn't be encrypted.
-
decrypt
Decrypts this JWE object with the specified decrypter. The JWE object must be in aencrypted
state.- Parameters:
decrypter
- The JWE decrypter. Must not benull
.- Throws:
IllegalStateException
- If the JWE object is not in anencrypted state
.JOSEException
- If the JWE object couldn't be decrypted.
-
serialize
Serialises this JWE object to its compact format consisting of Base64URL-encoded parts delimited by period ('.') characters. It must be in aencrypted
ordecrypted
state.[header-base64url].[encryptedKey-base64url].[iv-base64url].[cipherText-base64url].[authTag-base64url]
- Specified by:
serialize
in classJOSEObject
- Returns:
- The serialised JWE object.
- Throws:
IllegalStateException
- If the JWE object is not in aencrypted
ordecrypted state
.
-
parse
Parses a JWE object from the specified string in compact form. The parsed JWE object will be given anJWEObject.State.ENCRYPTED
state.- Parameters:
s
- The string to parse. Must not benull
.- Returns:
- The JWE object.
- Throws:
ParseException
- If the string couldn't be parsed to a valid JWE object.
-