Package org.webpki.jose.jws

package org.webpki.jose.jws

Basic JWS and JWS/CT support

Signing Data

Create a JWS Compact Serialization Object:
// Initialize a signer
JWSAsymKeySigner signer = new JWSAsymKeySigner(privateKey);
// Here you would typically set a key identifier...
// Sign binary data. Argument #2 false = "standard" mode.
String jwsString = signer.sign(jwsPayload, false);
Create a JWS/CT Object:
// Initialize a signer
JWSAsymKeySigner signer = new JWSAsymKeySigner(privateKey);
// Here you would typically set a key identifier...
// Sign JSON object
JSONObjectWriter jwsCtObject = signer.sign(jsonObjectToSign, signatureProperty);

Validate Signature and Fetch Payload Data

The following is a bit simplistic since you typically need to first parse the data and signature header in order to figure out which validation key to use. The JWSDecoder object provides the necessary functionality.
Validate a JWS Compact Serialization Object:
// Decode JWS data
JWSDecoder jwsDecoder = new JWSDecoder(jwsString);
// Here you would typically look for a key identifier...
// Initialize a validator
JWSAsymSignatureValidator validator = new JWSAsymSignatureValidator(publicKey);
// Validate signature and fetch binary payload
byte[] data = validator.validate(jwsDecoder).getPayload();
Validate a JWS/CT Object:
// Decode JWS/CT object
JWSDecoder jwsDecoder = new JWSDecoder(jwsCtObject, signatureProperty);
// Here you would typically look for a key identifier...
// Initialize a validator
JWSAsymSignatureValidator validator = new JWSAsymSignatureValidator(publicKey);
// Validate signature (the JSON data is already available in the jwsCtObject).
validator.validate(jwsDecoder);