iaik.jades

Class X5TS256Header

java.lang.Object

iaik.jades.X5TS256Header

All Implemented Interfaces:

JWSHeader, ProtectedHeader, UnprotectedHeader

Direct Known Subclasses:

X5THeader

public class X5TS256Header
extends Object
implements UnprotectedHeader

The x5t#S256 (X.509 certificate SHA-256 thumbprint) is a header defined in RFC 7515. It is a base64url-encoded SHA-256 thumbprint of the DER encoding of the X.509 certificate [RFC5280] corresponding to the key used to digitally sign the JWS.

The syntax of the header is:

"x5t#S256": {"type": "string"}

See Also:

X5THeader, X5TOHeader

Field Summary

Fields

Modifier and Type	Field and Description
static String	KEY The json key of the protected header
protected String	thumbprint The base 64 url encoded thumbprint

Constructor Summary

Constructors

Constructor and Description
X5TS256Header(String thumbprint) Creates the header with provided thumbprint.
X5TS256Header(iaik.x509.X509Certificate certificate) Computes the sha256 digest of the provided X509Certificate and base 64 url encodes the resulting octets.

Method Summary

Modifier and Type	Method and Description
String	getJsonKey() Returns the json key of the x5t#S256 header.
protected MessageDigest	getMessageDigest() Returns the message digest instance of this class (SHA-256)
String	getThumbprint() Returns the incorporated thumbprint.
void	writeToJson(com.fasterxml.jackson.core.JsonGenerator jsonGenerator) Writes the Json representation of the x5t#S256 header to the provided JsonGenerator.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

KEY

public static final String KEY

The json key of the protected header

See Also:

Constant Field Values

thumbprint

protected final String thumbprint

The base 64 url encoded thumbprint

Constructor Detail

X5TS256Header

public X5TS256Header(String thumbprint)

Creates the header with provided thumbprint. The implementation will not check if the thumbprint is correct or correctly encoded.

Parameters:

thumbprint - a base 64 url encoded thumbprint

X5TS256Header

public X5TS256Header(iaik.x509.X509Certificate certificate)
              throws JWSException

Computes the sha256 digest of the provided X509Certificate and base 64 url encodes the resulting octets. Will not check whether the certificate is in fact the signer's certificate.

Parameters:

certificate - the signer's certificate

Throws:

JWSException - if it is not possible to encode the certificate

Method Detail

getThumbprint

public String getThumbprint()

Returns the incorporated thumbprint.

Returns:

the thumbprint

writeToJson

public void writeToJson(com.fasterxml.jackson.core.JsonGenerator jsonGenerator)
                 throws IOException

Writes the Json representation of the x5t#S256 header to the provided JsonGenerator.

Specified by:

writeToJson in interface ProtectedHeader

Parameters:

jsonGenerator - a JsonGenerator for serializing

Throws:

IOException - if it is not possible to write to the provided source

getJsonKey

public String getJsonKey()

Returns the json key of the x5t#S256 header.

Specified by:

getJsonKey in interface JWSHeader

Returns:

"x5t#S256"

getMessageDigest

protected MessageDigest getMessageDigest()

Returns the message digest instance of this class (SHA-256)

Returns:

a sha256 MessageDigest