@ThreadSafe public class MACVerifier extends MACProvider implements JWSVerifier, CriticalHeaderParamsAware
JWS objects. Expects a secret key.
See RFC 7518 section 3.2 for more information.
This class is thread-safe.
Supports the following algorithms:
SUPPORTED_ALGORITHMS| Constructor and Description |
|---|
MACVerifier(byte[] secret)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(byte[] secret,
Set<String> defCritHeaders)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(OctetSequenceKey jwk)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(SecretKey secretKey)
Creates a new Message Authentication (MAC) verifier.
|
MACVerifier(String secretString)
Creates a new Message Authentication (MAC) verifier.
|
| Modifier and Type | Method and Description |
|---|---|
Set<String> |
getDeferredCriticalHeaderParams()
Returns the names of the critical (
crit) header parameters
that are deferred to the application for processing and will be
ignored by the JWS verifier / JWE decrypter. |
Set<String> |
getProcessedCriticalHeaderParams()
Returns the names of the critical (
crit) header parameters
that are understood and processed by the JWS verifier / JWE
decrypter. |
boolean |
verify(JWSHeader header,
byte[] signedContent,
Base64URL signature)
Verifies the specified
signature of a
JWS object. |
getJCAAlgorithmName, getSecret, getSecretKey, getSecretStringgetJCAContext, supportedJWSAlgorithmsclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitsupportedJWSAlgorithmsgetJCAContextpublic MACVerifier(byte[] secret) throws JOSEException
secret - The secret. Must be at least 256 bits long and not
null.JOSEException - If the secret length is shorter than the
minimum 256-bit requirement.public MACVerifier(String secretString) throws JOSEException
secretString - The secret as a UTF-8 encoded string. Must be at
least 256 bits long and not null.JOSEException - If the secret length is shorter than the
minimum 256-bit requirement.public MACVerifier(SecretKey secretKey) throws JOSEException
secretKey - The secret key. Must be at least 256 bits long and
not null.JOSEException - If the secret length is shorter than the
minimum 256-bit requirement.public MACVerifier(OctetSequenceKey jwk) throws JOSEException
jwk - The secret as a JWK. Must be at least 256 bits long and
not null.JOSEException - If the secret length is shorter than the
minimum 256-bit requirement.public MACVerifier(byte[] secret, Set<String> defCritHeaders) throws JOSEException
secret - The secret. Must be at least 256 bits long
and not null.defCritHeaders - The names of the critical header parameters
that are deferred to the application for
processing, empty set or null if none.JOSEException - If the secret length is shorter than the
minimum 256-bit requirement.public Set<String> getProcessedCriticalHeaderParams()
CriticalHeaderParamsAwarecrit) header parameters
that are understood and processed by the JWS verifier / JWE
decrypter.getProcessedCriticalHeaderParams in interface CriticalHeaderParamsAwarepublic Set<String> getDeferredCriticalHeaderParams()
CriticalHeaderParamsAwarecrit) header parameters
that are deferred to the application for processing and will be
ignored by the JWS verifier / JWE decrypter.getDeferredCriticalHeaderParams in interface CriticalHeaderParamsAwarepublic boolean verify(JWSHeader header, byte[] signedContent, Base64URL signature) throws JOSEException
JWSVerifiersignature of a
JWS object.verify in interface JWSVerifierheader - The JSON Web Signature (JWS) header. Must
specify a supported JWS algorithm and must not
be null.signedContent - The signing input. Must not be null.signature - The signature part of the JWS object. Must not
be null.true if the signature was successfully verified,
false if the signature is invalid or if a critical
header is neither supported nor marked for deferral to the
application.JOSEException - If the JWS algorithm is not supported, or if
signature verification failed for some other
internal reason.Copyright © 2019 Connect2id Ltd.. All rights reserved.