Package com.nimbusds.jose.crypto

Class PasswordBasedEncrypter

java.lang.Object
com.nimbusds.jose.crypto.impl.BaseJWEProvider
com.nimbusds.jose.crypto.impl.PasswordBasedCryptoProvider
com.nimbusds.jose.crypto.PasswordBasedEncrypter
All Implemented Interfaces:
JCAAware<JWEJCAContext>, JOSEProvider, JWEEncrypter, JWEProvider
@ThreadSafe public class PasswordBasedEncrypter extends PasswordBasedCryptoProvider implements JWEEncrypter
Password-based encrypter of JWE objects. Expects a password.

See RFC 7518 section 4.8 for more information.

This class is thread-safe.

Supports the following key management algorithms:

Supports the following content encryption algorithms:

Version:
2023-09-10
Author:
Vladimir Dzhuvinov, Egor Puzanov

  • Field Details

  • Constructor Details

    • PasswordBasedEncrypter

      public PasswordBasedEncrypter(byte[] password, int saltLength, int iterationCount)
      Creates a new password-based encrypter.
      Parameters:
      password - The password bytes. Must not be empty or null.
      saltLength - The length of the generated cryptographic salts, in bytes. Must be at least 8 bytes.
      iterationCount - The pseudo-random function (PRF) iteration count. Must be at least 1000.

    • PasswordBasedEncrypter

      public PasswordBasedEncrypter(String password, int saltLength, int iterationCount)
      Creates a new password-based encrypter.
      Parameters:
      password - The password, as a UTF-8 encoded string. Must not be empty or null.
      saltLength - The length of the generated cryptographic salts, in bytes. Must be at least 8 bytes.
      iterationCount - The pseudo-random function (PRF) iteration count. Must be at least 1000.

  • Method Details

    • encrypt

      @Deprecated public JWECryptoParts encrypt(JWEHeader header, byte[] clearText) throws JOSEException
      Deprecated.
      Encrypts the specified clear text of a JWE object.
      Parameters:
      header - The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not be null.
      clearText - The clear text to encrypt. Must not be null.
      Returns:
      The resulting JWE crypto parts.
      Throws:
      JOSEException - If the JWE algorithm or method is not supported or if encryption failed for some other internal reason.

    • encrypt

      public JWECryptoParts encrypt(JWEHeader header, byte[] clearText, byte[] aad) throws JOSEException
      Description copied from interface: JWEEncrypter
      Encrypts the specified clear text of a JWE object.
      Specified by:
      encrypt in interface JWEEncrypter
      Parameters:
      header - The JSON Web Encryption (JWE) header. Must specify a supported JWE algorithm and method. Must not be null.
      clearText - The clear text to encrypt. Must not be null.
      aad - The additional authenticated data. Must not be null.
      Returns:
      The resulting JWE crypto parts.
      Throws:
      JOSEException - If the JWE algorithm or method is not supported or if encryption failed for some other internal reason.

    • getSaltLength

      public int getSaltLength()
      Returns the length of the generated cryptographic salts.
      Returns:
      The length of the generated cryptographic salts, in bytes.

    • getIterationCount

      public int getIterationCount()
      Returns the pseudo-random function (PRF) iteration count.
      Returns:
      The iteration count.