public interface JweHeader extends ProtectedHeader
ALGORITHM, COMPRESSION_ALGORITHM, CONTENT_TYPE, DEPRECATED_COMPRESSION_ALGORITHM, JWT_TYPE, TYPE| Modifier and Type | Method and Description |
|---|---|
byte[] |
getAgreementPartyUInfo()
Returns any information about the JWE producer for use with key agreement algorithms, or
null if not
present. |
byte[] |
getAgreementPartyVInfo()
Returns any information about the JWE recipient for use with key agreement algorithms, or
null if not
present. |
byte[] |
getAuthenticationTag()
Returns the 128-bit "tag"
(Authentication Tag) resulting from key encryption, or
null if not present. |
String |
getEncryptionAlgorithm()
Returns the JWE
enc (Encryption
Algorithm) header value or null if not present. |
PublicJwk<?> |
getEphemeralPublicKey()
Returns the
epk (Ephemeral
Public Key) header value created by the JWE originator for use with key agreement algorithms, or
null if not present. |
byte[] |
getInitializationVector()
Returns the 96-bit "iv"
(Initialization Vector) generated during key encryption, or
null if not present. |
Integer |
getPbes2Count()
Returns the number of PBKDF2 iterations necessary to derive the key used during JWE encryption, or
null
if not present. |
byte[] |
getPbes2Salt()
Returns the PBKDF2
Salt Input value necessary to derive the key used during JWE encryption, or
null if not present. |
getCritical, getJwk, getJwkSetUrl, getKeyIdgetAlgorithm, getCompressionAlgorithm, getContentType, getTypeclear, containsKey, containsValue, entrySet, equals, get, hashCode, isEmpty, keySet, put, putAll, remove, size, valuesgetX509Chain, getX509Sha1Thumbprint, getX509Sha256Thumbprint, getX509UrlString getEncryptionAlgorithm()
enc (Encryption
Algorithm) header value or null if not present.
The JWE enc (encryption algorithm) Header Parameter identifies the content encryption algorithm
used to perform authenticated encryption on the plaintext to produce the ciphertext and the JWE
Authentication Tag.
Note that there is no corresponding 'setter' method for this 'getter' because JJWT users set this value by
supplying an AeadAlgorithm to a JwtBuilder via one of its
encryptWith(SecretKey, AeadAlgorithm) or
encryptWith(Key, KeyAlgorithm, AeadAlgorithm)
methods. JJWT will then set this enc header value automatically to the AeadAlgorithm's
getId() value during encryption.
enc (Encryption Algorithm) header value or null if not present. This will
always be non-null on validly-constructed JWE instances, but could be null during construction.JwtBuilder.encryptWith(SecretKey, AeadAlgorithm),
JwtBuilder.encryptWith(Key, KeyAlgorithm, AeadAlgorithm)PublicJwk<?> getEphemeralPublicKey()
epk (Ephemeral
Public Key) header value created by the JWE originator for use with key agreement algorithms, or
null if not present.
Note that there is no corresponding 'setter' method for this 'getter' because JJWT users set this value by
supplying an ECDH-ES KeyAlgorithm to a JwtBuilder via its
encryptWith(Key, KeyAlgorithm, AeadAlgorithm)
method. The ECDH-ES KeyAlgorithm implementation will then set this epk header value
automatically when producing the encryption key.
epk (Ephemeral
Public Key) header value created by the JWE originator for use with key agreement algorithms, or
null if not present.Jwts.KEY,
Jwts.KEY.ECDH_ES,
Jwts.KEY.ECDH_ES_A128KW,
Jwts.KEY.ECDH_ES_A192KW,
Jwts.KEY.ECDH_ES_A256KWbyte[] getAgreementPartyUInfo()
null if not
present.null if not
present.apu (Agreement PartyUInfo) Header Parameter,
Jwts.KEY.ECDH_ES,
Jwts.KEY.ECDH_ES_A128KW,
Jwts.KEY.ECDH_ES_A192KW,
Jwts.KEY.ECDH_ES_A256KWbyte[] getAgreementPartyVInfo()
null if not
present.null if not
present.apv (Agreement PartyVInfo) Header Parameter,
Jwts.KEY.ECDH_ES,
Jwts.KEY.ECDH_ES_A128KW,
Jwts.KEY.ECDH_ES_A192KW,
Jwts.KEY.ECDH_ES_A256KWbyte[] getInitializationVector()
null if not present.
Set by AES GCM KeyAlgorithm implementations.
Note that there is no corresponding 'setter' method for this 'getter' because JJWT users set this value by
supplying an AES GCM Wrap KeyAlgorithm to a JwtBuilder via its
encryptWith(Key, KeyAlgorithm, AeadAlgorithm)
method. The AES GCM Wrap KeyAlgorithm implementation will then set this iv header value
automatically when producing the encryption key.
null if not present.Jwts.KEY.A128GCMKW,
Jwts.KEY.A192GCMKW,
Jwts.KEY.A256GCMKWbyte[] getAuthenticationTag()
null if not present.
Note that there is no corresponding 'setter' method for this 'getter' because JJWT users set this value by
supplying an AES GCM Wrap KeyAlgorithm to a JwtBuilder via its
encryptWith(Key, KeyAlgorithm, AeadAlgorithm)
method. The AES GCM Wrap KeyAlgorithm implementation will then set this tag header value
automatically when producing the encryption key.
null if not present.Jwts.KEY.A128GCMKW,
Jwts.KEY.A192GCMKW,
Jwts.KEY.A256GCMKWInteger getPbes2Count()
null
if not present. Used with password-based KeyAlgorithms.null
if not present.p2c (PBES2 Count) Header Parameter,
Jwts.KEY.PBES2_HS256_A128KW,
Jwts.KEY.PBES2_HS384_A192KW,
Jwts.KEY.PBES2_HS512_A256KWbyte[] getPbes2Salt()
Salt Input value necessary to derive the key used during JWE encryption, or
null if not present.
Note that there is no corresponding 'setter' method for this 'getter' because JJWT users set this value by
supplying a password-based KeyAlgorithm to a JwtBuilder via its
encryptWith(Key, KeyAlgorithm, AeadAlgorithm)
method. The password-based KeyAlgorithm implementation will then set this p2s header value
automatically when producing the encryption key.
Salt Input value necessary to derive the key used during JWE encryption, or
null if not present.p2s (PBES2 Salt Input) Header Parameter,
Jwts.KEY.PBES2_HS256_A128KW,
Jwts.KEY.PBES2_HS384_A192KW,
Jwts.KEY.PBES2_HS512_A256KWCopyright © 2014–2025 jsonwebtoken.io. All rights reserved.