AESGCMKW (Nimbus JOSE + JWT v7.5.1)

java.lang.Object
- com.nimbusds.jose.crypto.impl.AESGCMKW

```
@ThreadSafe
public class AESGCMKW
extends Object
```
AES GCM methods for Content Encryption Key (CEK) encryption and decryption. This class is thread-safe.
See RFC 7518 (JWA), section 4.7.

Version:

2017-06-01

Author:

Melisa Halsband, Vladimir Dzhuvinov

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static SecretKey`	`decryptCEK(SecretKey kek, byte[] iv, AuthenticatedCipherText authEncrCEK, int keyLength, Provider provider)` Decrypts the specified encrypted Content Encryption Key (CEK).
`static AuthenticatedCipherText`	`encryptCEK(SecretKey cek, Container<byte[]> iv, SecretKey kek, Provider provider)` Encrypts the specified Content Encryption Key (CEK).

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - encryptCEK
```
public static AuthenticatedCipherText encryptCEK(SecretKey cek,
                                                 Container<byte[]> iv,
                                                 SecretKey kek,
                                                 Provider provider)
                                          throws JOSEException
```
    Encrypts the specified Content Encryption Key (CEK).
    
    Parameters:
    
    cek - The Content Encryption Key (CEK) to encrypt. Must not be null.
    
    iv - The initialisation vector (IV). Must not be null. The contained IV must not be null either.
    
    kek - The AES Key Encryption Key (KEK). Must not be null.
    
    provider - The specific JCA provider to use, null implies the default system one.
    
    Returns:
    
    The encrypted Content Encryption Key (CEK).
    
    Throws:
    
    JOSEException - If encryption failed.
  - decryptCEK
```
public static SecretKey decryptCEK(SecretKey kek,
                                   byte[] iv,
                                   AuthenticatedCipherText authEncrCEK,
                                   int keyLength,
                                   Provider provider)
                            throws JOSEException
```
    Decrypts the specified encrypted Content Encryption Key (CEK).
    
    Parameters:
    
    kek - The AES Key Encription Key. Must not be null.
    
    iv - The initialisation vector (IV). Must not be null.
    
    authEncrCEK - The encrypted Content Encryption Key (CEK) to decrypt and authentication tag. Must not be null.
    
    provider - The JCA provider, or null to use the default one.
    
    Returns:
    
    The decrypted Content Encryption Key (CEK).
    
    Throws:
    
    JOSEException - If decryption failed.

Class AESGCMKW

Method Summary

Methods inherited from class java.lang.Object

Method Detail

encryptCEK

decryptCEK