Package com.nimbusds.jose.crypto

Class Ed25519Verifier

java.lang.Object
com.nimbusds.jose.crypto.impl.BaseJWSProvider
com.nimbusds.jose.crypto.impl.EdDSAProvider
com.nimbusds.jose.crypto.Ed25519Verifier
All Implemented Interfaces:
CriticalHeaderParamsAware, JCAAware<JCAContext>, JOSEProvider, JWSProvider, JWSVerifier
@ThreadSafe public class Ed25519Verifier extends EdDSAProvider implements JWSVerifier, CriticalHeaderParamsAware
Ed25519 verifier of JWS objects. Expects a public OctetKeyPair with "crv" Ed25519. Uses the Edwards-curve Digital Signature Algorithm (EdDSA).

See RFC 8037 for more information.

This class is thread-safe.

Supports the following algorithm:

Version:
2024-05-07
Author:
Tim McLean

  • Constructor Details

    • Ed25519Verifier

      public Ed25519Verifier(OctetKeyPair publicKey) throws JOSEException
      Creates a new Ed25519 verifier.
      Parameters:
      publicKey - The public Ed25519 key. Must not be null.
      Throws:
      JOSEException - If the key subtype is not supported

    • Ed25519Verifier

      public Ed25519Verifier(OctetKeyPair publicKey, Set<String> defCritHeaders) throws JOSEException
      Creates an Ed25519 verifier.
      Parameters:
      publicKey - The public Ed25519 key. Must not be null.
      defCritHeaders - The names of the critical header parameters that are deferred to the application for processing, empty set or null if none.
      Throws:
      JOSEException - If the key subtype is not supported.

  • Method Details

    • getPublicKey

      public OctetKeyPair getPublicKey()
      Returns the public key.
      Returns:
      An OctetKeyPair without the private part

    • getProcessedCriticalHeaderParams

      public Set<String> getProcessedCriticalHeaderParams()
      Description copied from interface: CriticalHeaderParamsAware
      Returns the names of the critical (crit) header parameters that are understood and processed by the JWS verifier / JWE decrypter.
      Specified by:
      getProcessedCriticalHeaderParams in interface CriticalHeaderParamsAware
      Returns:
      The names of the critical header parameters that are understood and processed, empty set if none.

    • getDeferredCriticalHeaderParams

      public Set<String> getDeferredCriticalHeaderParams()
      Description copied from interface: CriticalHeaderParamsAware
      Returns the names of the critical (crit) header parameters that are deferred to the application for processing and will be ignored by the JWS verifier / JWE decrypter.
      Specified by:
      getDeferredCriticalHeaderParams in interface CriticalHeaderParamsAware
      Returns:
      The names of the critical header parameters that are deferred to the application for processing, empty set if none.

    • verify

      public boolean verify(JWSHeader header, byte[] signedContent, Base64URL signature) throws JOSEException
      Description copied from interface: JWSVerifier
      Verifies the specified signature of a JWS object.
      Specified by:
      verify in interface JWSVerifier
      Parameters:
      header - The JSON Web Signature (JWS) header. Must specify a supported JWS algorithm and must not be null.
      signedContent - The signing input. Must not be null.
      signature - The signature part of the JWS object. Must not be null.
      Returns:
      true if the signature was successfully verified, false if the signature is invalid or if a critical header is neither supported nor marked for deferral to the application.
      Throws:
      JOSEException - If the JWS algorithm is not supported, or if signature verification failed for some other internal reason.