Module io.inverno.mod.security.jose

Package io.inverno.mod.security.jose

Interface JOSEHeader

All Known Subinterfaces:

JWEHeader, JWSHeader

public interface JOSEHeader

A JOSE Header contains the parameters describing the cryptographic operations and parameters employed to secure a JOSE object.

It is part of a JOSE object and it defines the cryptographic information required to sign/verify or encrypt/decrypt a JOSE object such as a JSON Web Signature or a JSON Web Encryption.

Since:

1.5

Author:

Jeremy Kuhn

See Also:

• JWEHeader
• JWSHeader

Method Summary

Modifier and Type	Method	Description
boolean	equals(Object obj)
String	getAlgorithm()	Returns the cryptographic algorithm used to secure the JOSE object.
String	getContentType()	Returns the media type of the JOSE object payload.
Set<String>	getCritical()	Returns the set of custom parameters that must be understood and processed.
Map<String,Object>	getCustomParameters()	Returns the map of custom parameters.
String	getEncoded()	Returns the header encoded as Base64URL.
Map<String,Object>	getJWK()	Returns the public JWK that corresponds to the key used to secure the JOSE object.
URI	getJWKSetURL()	Returns the JWK Set URL.
JWK	getKey()	Returns the actual key that was used to secure the JOSE object.
String	getKeyId()	Returns the id of the key that was used to secure the JOSE object.
String	getType()	Returns the media type of the complete JOSE object.
String[]	getX509CertificateChain()	Returns the X.509 certificates chain that corresponds to the key that was used to secure the JOSE object.
String	getX509CertificateSHA1Thumbprint()	Returns the X.509 SHA1 thumbprint of the certificate that corresponds to the key that was used to secure the JOSE object.
String	getX509CertificateSHA256Thumbprint()	Returns the X.509 SHA256 thumbprint of the certificate that corresponds to the key that was used to secure the JOSE object.
URI	getX509CertificateURL()	Returns the URL of the X.509 certificate or certificates chain that corresponds to the key that was used to secure the JOSE object.
int	hashCode()

Method Details

getAlgorithm

String getAlgorithm()

Returns the cryptographic algorithm used to secure the JOSE object.

Depending on the type of JOSE object considered, it might designate a signature or a key management algorithm.

Returns:

a JWA algorithm

getJWKSetURL

URI getJWKSetURL()

Returns the JWK Set URL.

This URL points to a set of JSON-encoded public keys, one of which corresponds to the key used to secure the JOSE object.

Returns:

a URL or null

getJWK

Map<String,Object> getJWK()

Returns the public JWK that corresponds to the key used to secure the JOSE object.

Returns:

a JWK or null

getKeyId

String getKeyId()

Returns the id of the key that was used to secure the JOSE object.

Returns:

a key id or null

getX509CertificateURL

URI getX509CertificateURL()

Returns the URL of the X.509 certificate or certificates chain that corresponds to the key that was used to secure the JOSE object.

The certificates chain located at the URL must be in PEM format. The certificate containing the public key corresponding to the key that was used to secure the JOSE object must be the first certificate in the chain.

Returns:

a URL or null

getX509CertificateChain

String[] getX509CertificateChain()

Returns the X.509 certificates chain that corresponds to the key that was used to secure the JOSE object.

The certificates chain is represented as an array of Base64URL encoded DER PKIX certificates. The certificate containing the public key corresponding to the key that was used to secure the JOSE object must be the first certificate in the chain.

Returns:

a certificates chain or null

getX509CertificateSHA1Thumbprint

String getX509CertificateSHA1Thumbprint()

Returns the X.509 SHA1 thumbprint of the certificate that corresponds to the key that was used to secure the JOSE object.

Returns:

an X.509 SHA1 thumbprint or null

getX509CertificateSHA256Thumbprint

String getX509CertificateSHA256Thumbprint()

Returns the X.509 SHA256 thumbprint of the certificate that corresponds to the key that was used to secure the JOSE object.

Returns:

an X.509 SHA256 thumbprint or null

getType

String getType()

Returns the media type of the complete JOSE object.

To keep messages compact in common situations, the application/ prefix of a media type can be omitted when no other / appears in the value.

Returns:

a media type or null

getContentType

String getContentType()

Returns the media type of the JOSE object payload.

To keep messages compact in common situations, the application/ prefix of a media type can be omitted when no other / appears in the value.

Returns:

a media type or null

getCritical

Set<String> getCritical()

Returns the set of custom parameters that must be understood and processed.

Critical parameters are not registered JOSE header parameters and they are present in header's custom parameters.

Returns:

a set of custom parameters or null

getCustomParameters

Map<String,Object> getCustomParameters()

Returns the map of custom parameters.

Returns:

a map of custom parameters

getKey

JWK getKey()

Returns the actual key that was used to secure the JOSE object.

Depending on the context it may refer to the private key that was used to sign/encrypt the JOSE object or to the public key that was used to verify/decrypt the JOSE object.

Returns:

a JWK

getEncoded

String getEncoded()

Returns the header encoded as Base64URL.

Returns:

the Base64URL encoded header without padding

hashCode

int hashCode()

Overrides:

hashCode in class Object

equals

boolean equals(Object obj)

Overrides:

equals in class Object