Jwts.SIG (JJWT :: API 0.13.0 API)

java.lang.Object
- io.jsonwebtoken.Jwts.SIG

Enclosing class:

Jwts
```
public static final class Jwts.SIG
extends Object
```
Constants for all JWA (RFC 7518) standard Cryptographic Algorithms for Digital Signatures and MACs defined in the JSON Web Signature and Encryption Algorithms Registry. Each standard algorithm is available as a (public static final) constant for direct type-safe reference in application code. For example:
```
 Jwts.builder()
    // ... etc ...
    .signWith(aKey, Jwts.SIG.HS512) // or RS512, PS256, EdDSA, etc...
    .build();
```
They are also available together as a Registry instance via the get() method.
Since:

0.12.0

See Also:
get()

Field Summary

Fields
Modifier and Type	Field and Description
`static SignatureAlgorithm`	`EdDSA` `EdDSA` signature algorithm defined by RFC 8037, Section 3.1 that requires either `Ed25519` or `Ed448` Edwards Elliptic Curve¹ keys.
`static SignatureAlgorithm`	`ES256` `ECDSA using P-256 and SHA-256` signature algorithm as defined by RFC 7518, Section 3.4.
`static SignatureAlgorithm`	`ES384` `ECDSA using P-384 and SHA-384` signature algorithm as defined by RFC 7518, Section 3.4.
`static SignatureAlgorithm`	`ES512` `ECDSA using P-521 and SHA-512` signature algorithm as defined by RFC 7518, Section 3.4.
`static MacAlgorithm`	`HS256` `HMAC using SHA-256` message authentication algorithm as defined by RFC 7518, Section 3.2.
`static MacAlgorithm`	`HS384` `HMAC using SHA-384` message authentication algorithm as defined by RFC 7518, Section 3.2.
`static MacAlgorithm`	`HS512` `HMAC using SHA-512` message authentication algorithm as defined by RFC 7518, Section 3.2.
`static SecureDigestAlgorithm<Key,Key>`	`NONE` The "none" signature algorithm as defined by RFC 7518, Section 3.6.
`static SignatureAlgorithm`	`PS256` `RSASSA-PSS using SHA-256 and MGF1 with SHA-256` signature algorithm as defined by RFC 7518, Section 3.5¹.
`static SignatureAlgorithm`	`PS384` `RSASSA-PSS using SHA-384 and MGF1 with SHA-384` signature algorithm as defined by RFC 7518, Section 3.5¹.
`static SignatureAlgorithm`	`PS512` `RSASSA-PSS using SHA-512 and MGF1 with SHA-512` signature algorithm as defined by RFC 7518, Section 3.5¹.
`static SignatureAlgorithm`	`RS256` `RSASSA-PKCS1-v1_5 using SHA-256` signature algorithm as defined by RFC 7518, Section 3.3.
`static SignatureAlgorithm`	`RS384` `RSASSA-PKCS1-v1_5 using SHA-384` signature algorithm as defined by RFC 7518, Section 3.3.
`static SignatureAlgorithm`	`RS512` `RSASSA-PKCS1-v1_5 using SHA-512` signature algorithm as defined by RFC 7518, Section 3.3.

Method Summary

Methods
Modifier and Type	Method and Description
`static Registry<String,SecureDigestAlgorithm<?,?>>`	`get()` Returns all standard JWA Cryptographic Algorithms for Digital Signatures and MACs defined in the JSON Web Signature and Encryption Algorithms Registry.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - NONE
```
public static final SecureDigestAlgorithm<Key,Key> NONE
```
    The "none" signature algorithm as defined by RFC 7518, Section 3.6. This algorithm is used only when creating unsecured (not integrity protected) JWSs and is not usable in any other scenario. Any attempt to call its methods will result in an exception being thrown.
  - HS256
```
public static final MacAlgorithm HS256
```
    HMAC using SHA-256 message authentication algorithm as defined by RFC 7518, Section 3.2. This algorithm requires a 256-bit (32 byte) key.
  - HS384
```
public static final MacAlgorithm HS384
```
    HMAC using SHA-384 message authentication algorithm as defined by RFC 7518, Section 3.2. This algorithm requires a 384-bit (48 byte) key.
  - HS512
```
public static final MacAlgorithm HS512
```
    HMAC using SHA-512 message authentication algorithm as defined by RFC 7518, Section 3.2. This algorithm requires a 512-bit (64 byte) key.
  - RS256
```
public static final SignatureAlgorithm RS256
```
    RSASSA-PKCS1-v1_5 using SHA-256 signature algorithm as defined by RFC 7518, Section 3.3. This algorithm requires a 2048-bit key.
  - RS384
```
public static final SignatureAlgorithm RS384
```
    RSASSA-PKCS1-v1_5 using SHA-384 signature algorithm as defined by RFC 7518, Section 3.3. This algorithm requires a 2048-bit key, but the JJWT team recommends a 3072-bit key.
  - RS512
```
public static final SignatureAlgorithm RS512
```
    RSASSA-PKCS1-v1_5 using SHA-512 signature algorithm as defined by RFC 7518, Section 3.3. This algorithm requires a 2048-bit key, but the JJWT team recommends a 4096-bit key.
  - PS256
```
public static final SignatureAlgorithm PS256
```
    RSASSA-PSS using SHA-256 and MGF1 with SHA-256 signature algorithm as defined by RFC 7518, Section 3.5¹. This algorithm requires a 2048-bit key.
    ¹ Requires Java 11 or a compatible JCA Provider (like BouncyCastle) in the runtime classpath. If on Java 10 or earlier, BouncyCastle will be used automatically if found in the runtime classpath.
  - PS384
```
public static final SignatureAlgorithm PS384
```
    RSASSA-PSS using SHA-384 and MGF1 with SHA-384 signature algorithm as defined by RFC 7518, Section 3.5¹. This algorithm requires a 2048-bit key, but the JJWT team recommends a 3072-bit key.
    ¹ Requires Java 11 or a compatible JCA Provider (like BouncyCastle) in the runtime classpath. If on Java 10 or earlier, BouncyCastle will be used automatically if found in the runtime classpath.
  - PS512
```
public static final SignatureAlgorithm PS512
```
    RSASSA-PSS using SHA-512 and MGF1 with SHA-512 signature algorithm as defined by RFC 7518, Section 3.5¹. This algorithm requires a 2048-bit key, but the JJWT team recommends a 4096-bit key.
    ¹ Requires Java 11 or a compatible JCA Provider (like BouncyCastle) in the runtime classpath. If on Java 10 or earlier, BouncyCastle will be used automatically if found in the runtime classpath.
  - ES256
```
public static final SignatureAlgorithm ES256
```
    ECDSA using P-256 and SHA-256 signature algorithm as defined by RFC 7518, Section 3.4. This algorithm requires a 256-bit key.
  - ES384
```
public static final SignatureAlgorithm ES384
```
    ECDSA using P-384 and SHA-384 signature algorithm as defined by RFC 7518, Section 3.4. This algorithm requires a 384-bit key.
  - ES512
```
public static final SignatureAlgorithm ES512
```
    ECDSA using P-521 and SHA-512 signature algorithm as defined by RFC 7518, Section 3.4. This algorithm requires a 521-bit key.
  - EdDSA
```
public static final SignatureAlgorithm EdDSA
```
    EdDSA signature algorithm defined by RFC 8037, Section 3.1 that requires either Ed25519 or Ed448 Edwards Elliptic Curve¹ keys.
    KeyPair Generation
    
    This instance's keyPair() builder creates Ed448 keys, and is essentially an alias for Jwks.CRV.Ed448.keyPair().
    
    If you would like to generate an Ed25519 KeyPair for use with the EdDSA algorithm, you may use the Jwks.CRV.Ed25519.keyPair() builder instead.
    
    ¹This algorithm requires at least JDK 15 or a compatible JCA Provider (like BouncyCastle) in the runtime classpath.
- Method Detail
  - get
```
public static Registry<String,SecureDigestAlgorithm<?,?>> get()
```
    Returns all standard JWA Cryptographic Algorithms for Digital Signatures and MACs defined in the JSON Web Signature and Encryption Algorithms Registry.
    
    Returns:
    all standard JWA digital signature and MAC algorithms.

Class Jwts.SIG

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

NONE

HS256

HS384

HS512

RS256

RS384

RS512

PS256

PS384

PS512

ES256

ES384

ES512

EdDSA

Method Detail

get