DigestAlgorithm (JJWT :: API 0.12.3 API)

Type Parameters:: R - the type of Request used when computing a digest.; V - the type of VerifyDigestRequest used when verifying a digest.

All Superinterfaces:: Identifiable

All Known Subinterfaces:: HashAlgorithm, MacAlgorithm, SecureDigestAlgorithm<S,V>, SignatureAlgorithm

public interface DigestAlgorithm<R extends Request<InputStream>,V extends VerifyDigestRequest>
extends Identifiable

A DigestAlgorithm is a Cryptographic Hash Function that computes and verifies cryptographic digests. There are three types of DigestAlgorithms represented by subtypes, and RFC-standard implementations are available as constants in Registry singletons:

Types of `DigestAlgorithm`s
Subtype	Standard Implementation Registry	Security Model
`HashAlgorithm`	`Jwks.HASH`	Unsecured (unkeyed), does not require a key to compute or verify digests.
`MacAlgorithm`	`Jwts.SIG`	Requires a `SecretKey` to both compute and verify digests (aka "Message Authentication Codes").
`SignatureAlgorithm`	`Jwts.SIG`	Requires a `PrivateKey` to compute and `PublicKey` to verify digests (aka "Digital Signatures").

Standard Identifier

DigestAlgorithm extends Identifiable: the value returned from getId() will be used as the JWT standard identifier where required.

For example, when a MacAlgorithm or SignatureAlgorithm is used to secure a JWS, the value returned from algorithm.getId() will be used as the JWS "alg" protected header value. Or when a HashAlgorithm is used to compute a JwkThumbprint, it's algorithm.getId() value will be used within the thumbprint's URI per JWT RFC requirements.

Since:: 0.12.0
See Also:: Jwks.HASH, Jwts.SIG

Method Summary

Methods
Modifier and Type	Method and Description
`byte[]`	`digest(R request)` Returns a cryptographic digest of the request `payload`.
`boolean`	`verify(V request)` Returns `true` if the provided `digest` matches the expected value for the given `payload`, `false` otherwise.

Methods inherited from interface io.jsonwebtoken.Identifiable
getId

- Method Detail
  - digest
```
byte[] digest(R request)
              throws SecurityException
```
    Returns a cryptographic digest of the request payload.
    
    Parameters:
    request - the request containing the data to be hashed, mac'd or signed.
    
    Returns:
    a cryptographic digest of the request payload.
    
    Throws:
    
    SecurityException - if there is invalid key input or a problem during digest creation.
  - verify
```
boolean verify(V request)
               throws SecurityException
```
    Returns true if the provided digest matches the expected value for the given payload, false otherwise.
    
    Parameters:
    request - the request containing the digest to verify for the associated payload.
    
    Returns:
    true if the provided digest matches the expected value for the given payload, false otherwise.
    
    Throws:
    
    SecurityException - if there is an invalid key input or a problem that won't allow digest verification.

Interface DigestAlgorithm<R extends Request<InputStream>,V extends VerifyDigestRequest>

Method Summary

Methods inherited from interface io.jsonwebtoken.Identifiable

Method Detail

digest

verify