jwtk · lhazlewood · Aug 22, 2025 · Aug 22, 2025 · Aug 22, 2025 · Aug 22, 2025
diff --git a/README.adoc b/README.adoc
@@ -738,7 +738,7 @@ import java.security.Key;
 
 // We need a signing key, so we'll create one just for this example. Usually
 // the key would be read from your application configuration instead.
-SecretKey key = Jwts.SIG.HS256.key().build();
+SecretKey key = Jws.alg.HS256.key().build();
 
 String jws = Jwts.builder().subject("Joe").signWith(key).compact();
 ----
@@ -1611,7 +1611,7 @@ key algorithms:
 
 ^*2*.{sp}{fn-require-java15-plus}^
 
-These are all represented as constants in the `io.jsonwebtoken.Jwts.SIG` registry class.
+These are all represented as constants in the `io.jsonwebtoken.Jws.alg` registry class.
 
 +++<a name="jws-key">++++++</a>+++
 
@@ -1705,7 +1705,7 @@ algorithm's `key()` builder method:
 
 [,java]
 ----
-SecretKey key = Jwts.SIG.HS256.key().build(); //or HS384.key() or HS512.key()
+SecretKey key = Jws.alg.HS256.key().build(); //or HS384.key() or HS512.key()
 ----
 
 Under the hood, JJWT uses the JCA default provider's `KeyGenerator` to create a secure-random key with the correct
@@ -1716,7 +1716,7 @@ as builder arguments. For example:
 
 [,java]
 ----
-SecretKey key = Jwts.SIG.HS256.key().provider(aProvider).random(aSecureRandom).build();
+SecretKey key = Jws.alg.HS256.key().provider(aProvider).random(aSecureRandom).build();
 ----
 
 If you need to save this new `SecretKey`, you can Base64 (or Base64URL) encode it:
@@ -1739,7 +1739,7 @@ algorithms, use an algorithm's respective `keyPair()` builder method:
 
 [,java]
 ----
-KeyPair keyPair = Jwts.SIG.RS256.keyPair().build(); //or RS384, RS512, PS256, etc...
+KeyPair keyPair = Jws.alg.RS256.keyPair().build(); //or RS384, RS512, PS256, etc...
 ----
 
 Once you've generated a `KeyPair`, you can use the private key (`keyPair.getPrivate()`) to create a JWS and the
@@ -1874,7 +1874,7 @@ that accepts the `SignatureAlgorithm` as an additional argument:
 [,java]
 ----
 
-   .signWith(privateKey, Jwts.SIG.RS512) // <---
+   .signWith(privateKey, Jws.alg.RS512) // <---
 
    .compact();
 ----
@@ -2062,7 +2062,7 @@ We need to do three things during creation:
 [,java]
 ----
 // create a test key for this example:
-SecretKey testKey = Jwts.SIG.HS512.key().build();
+SecretKey testKey = Jws.alg.HS512.key().build();
 
 String message = "Hello World. It's a Beautiful Day!";
 byte[] content = message.getBytes(StandardCharsets.UTF_8);
@@ -2105,7 +2105,7 @@ period (`.`) characters_*.
 [,java]
 ----
 // create a test key for this example:
-SecretKey testKey = Jwts.SIG.HS512.key().build();
+SecretKey testKey = Jws.alg.HS512.key().build();
 
 String claimsString = "{\"sub\":\"joe\",\"iss\":\"me\"}";
 
@@ -2225,7 +2225,7 @@ The JWT specification defines 6 standard Authenticated Encryption algorithms use
 | AES GCM using 256-bit key
 |===
 
-These are all represented as constants in the `io.jsonwebtoken.Jwts.ENC` registry singleton as
+These are all represented as constants in the `io.jsonwebtoken.Jwe.alg` registry singleton as
 implementations of the `io.jsonwebtoken.security.AeadAlgorithm` interface.
 
 As shown in the table above, each algorithm requires a key of sufficient length.  The JWT specification
@@ -2370,7 +2370,7 @@ Content Encryption Key (CEK):
 | PBES2 with HMAC SHA-512 and "A256KW" wrapping
 |===
 
-These are all represented as constants in the `io.jsonwebtoken.Jwts.KEY` registry singleton as
+These are all represented as constants in the `io.jsonwebtoken.Jwe.enc` registry singleton as
 implementations of the `io.jsonwebtoken.security.KeyAlgorithm` interface.
 
 But 17 algorithms are a lot to choose from.  When would you use them?  The sections below describe when you might
@@ -3740,7 +3740,7 @@ Example:
 [,java]
 ----
 // Create a test key suitable for the desired HMAC-SHA algorithm:
-MacAlgorithm alg = Jwts.SIG.HS512; //or HS384 or HS256
+MacAlgorithm alg = Jws.alg.HS512; //or HS384 or HS256
 SecretKey key = alg.key().build();
 
 String message = "Hello World!";
@@ -3769,7 +3769,7 @@ public key:
 [,java]
 ----
 // Create a test key suitable for the desired RSA signature algorithm:
-SignatureAlgorithm alg = Jwts.SIG.RS512; //or PS512, RS256, etc...
+SignatureAlgorithm alg = Jws.alg.RS512; //or PS512, RS256, etc...
 KeyPair pair = alg.keyPair().build();
 
 // Bob creates the compact JWS with his RSA private key:
@@ -3802,7 +3802,7 @@ public key:
 [,java]
 ----
 // Create a test key suitable for the desired ECDSA signature algorithm:
-SignatureAlgorithm alg = Jwts.SIG.ES512; //or ES256 or ES384
+SignatureAlgorithm alg = Jws.alg.ES512; //or ES256 or ES384
 KeyPair pair = alg.keyPair().build();
 
 // Bob creates the compact JWS with his EC private key:
@@ -3854,7 +3854,7 @@ KeyPair pair = curve.keyPair().build();
 
 // Bob creates the compact JWS with his Edwards Curve private key:
 String jws = Jwts.builder().subject("Alice")
-    .signWith(pair.getPrivate(), Jwts.SIG.EdDSA) // <-- Bob's Edwards Curve private key w/ EdDSA
+    .signWith(pair.getPrivate(), Jws.alg.EdDSA) // <-- Bob's Edwards Curve private key w/ EdDSA
     .compact();
 
 // Alice receives and verifies the compact JWS came from Bob:
@@ -3891,7 +3891,7 @@ Example:
 ----
 // Create a test key suitable for the desired payload encryption algorithm:
 // (A*GCM algorithms are recommended, but require JDK >= 8 or BouncyCastle)
-AeadAlgorithm enc = Jwts.ENC.A256GCM; //or A128GCM, A192GCM, A256CBC-HS512, etc...
+AeadAlgorithm enc = Jwe.alg.A256GCM; //or A128GCM, A192GCM, A256CBC-HS512, etc...
 SecretKey key = enc.key().build();
 
 String message = "Live long and prosper.";
@@ -3922,12 +3922,12 @@ decrypt the JWT using her RSA private key:
 [,java]
 ----
 // Create a test KeyPair suitable for the desired RSA key algorithm:
-KeyPair pair = Jwts.SIG.RS512.keyPair().build();
+KeyPair pair = Jws.alg.RS512.keyPair().build();
 
 // Choose the key algorithm used encrypt the payload key:
 KeyAlgorithm<PublicKey, PrivateKey> alg = Jwts.KEY.RSA_OAEP_256; //or RSA_OAEP or RSA1_5
 // Choose the Encryption Algorithm to encrypt the payload:
-AeadAlgorithm enc = Jwts.ENC.A256GCM; //or A192GCM, A128GCM, A256CBC-HS512, etc...
+AeadAlgorithm enc = Jwe.alg.A256GCM; //or A192GCM, A128GCM, A256CBC-HS512, etc...
 
 // Bob creates the compact JWE with Alice's RSA public key so only she may read it:
 String jwe = Jwts.builder().audience().add("Alice").and()
@@ -3964,7 +3964,7 @@ SecretKeyAlgorithm alg = Jwts.KEY.A256GCMKW; //or A192GCMKW, A128GCMKW, A256KW,
 SecretKey key = alg.key().build();
 
 // Chooose the Encryption Algorithm used to encrypt the payload:
-AeadAlgorithm enc = Jwts.ENC.A256GCM; //or A192GCM, A128GCM, A256CBC-HS512, etc...
+AeadAlgorithm enc = Jwe.alg.A256GCM; //or A192GCM, A128GCM, A256CBC-HS512, etc...
 
 // Create the compact JWE:
 String jwe = Jwts.builder().issuer("me").encryptWith(key, alg, enc).compact();
@@ -3994,12 +3994,12 @@ Alice can then decrypt the JWT using her Elliptic Curve private key:
 [,java]
 ----
 // Create a test KeyPair suitable for the desired EC key algorithm:
-KeyPair pair = Jwts.SIG.ES512.keyPair().build();
+KeyPair pair = Jws.alg.ES512.keyPair().build();
 
 // Choose the key algorithm used encrypt the payload key:
 KeyAlgorithm<PublicKey, PrivateKey> alg = Jwts.KEY.ECDH_ES_A256KW; //ECDH_ES_A192KW, etc...
 // Choose the Encryption Algorithm to encrypt the payload:
-AeadAlgorithm enc = Jwts.ENC.A256GCM; //or A192GCM, A128GCM, A256CBC-HS512, etc...
+AeadAlgorithm enc = Jwe.alg.A256GCM; //or A192GCM, A128GCM, A256CBC-HS512, etc...
 
 // Bob creates the compact JWE with Alice's EC public key so only she may read it:
 String jwe = Jwts.builder().audience().add("Alice").and()
@@ -4046,7 +4046,7 @@ KeyAlgorithm<Password, Password> alg = Jwts.KEY.PBES2_HS512_A256KW; //or PBES2_H
 //int pbkdf2Iterations = 120000; //for HS512. Needs to be much higher for smaller hash algs.
 
 // Choose the Encryption Algorithm used to encrypt the payload:
-AeadAlgorithm enc = Jwts.ENC.A256GCM; //or A192GCM, A128GCM, A256CBC-HS512, etc...
+AeadAlgorithm enc = Jwe.alg.A256GCM; //or A192GCM, A128GCM, A256CBC-HS512, etc...
 
 // Create the compact JWE:
 String jwe = Jwts.builder().issuer("me")
@@ -4070,7 +4070,7 @@ Example creating and parsing a secret JWK:
 
 [,java]
 ----
-SecretKey key = Jwts.SIG.HS512.key().build(); // or HS384 or HS256
+SecretKey key = Jws.alg.HS512.key().build(); // or HS384 or HS256
 SecretJwk jwk = Jwks.builder().key(key).idFromThumbprint().build();
 
 assert jwk.getId().equals(jwk.thumbprint().toString());
@@ -4092,7 +4092,7 @@ Example creating and parsing an RSA Public JWK:
 
 [,java]
 ----
-RSAPublicKey key = (RSAPublicKey)Jwts.SIG.RS512.keyPair().build().getPublic();
+RSAPublicKey key = (RSAPublicKey)Jws.alg.RS512.keyPair().build().getPublic();
 RsaPublicJwk jwk = Jwks.builder().key(key).idFromThumbprint().build();
 
 assert jwk.getId().equals(jwk.thumbprint().toString());
@@ -4114,7 +4114,7 @@ Example creating and parsing an RSA Private JWK:
 
 [,java]
 ----
-KeyPair pair = Jwts.SIG.RS512.keyPair().build();
+KeyPair pair = Jws.alg.RS512.keyPair().build();
 RSAPublicKey pubKey = (RSAPublicKey) pair.getPublic();
 RSAPrivateKey privKey = (RSAPrivateKey) pair.getPrivate();
 
@@ -4142,7 +4142,7 @@ Example creating and parsing an Elliptic Curve Public JWK:
 
 [,java]
 ----
-ECPublicKey key = (ECPublicKey) Jwts.SIG.ES512.keyPair().build().getPublic();
+ECPublicKey key = (ECPublicKey) Jws.alg.ES512.keyPair().build().getPublic();
 EcPublicJwk jwk = Jwks.builder().key(key).idFromThumbprint().build();
 
 assert jwk.getId().equals(jwk.thumbprint().toString());
@@ -4164,7 +4164,7 @@ Example creating and parsing an Elliptic Curve Private JWK:
 
 [,java]
 ----
-KeyPair pair = Jwts.SIG.ES512.keyPair().build();
+KeyPair pair = Jws.alg.ES512.keyPair().build();
 ECPublicKey pubKey = (ECPublicKey) pair.getPublic();
 ECPrivateKey privKey = (ECPrivateKey) pair.getPrivate();
 

diff --git a/api/src/main/java/io/jsonwebtoken/Header.java b/api/src/main/java/io/jsonwebtoken/Header.java
@@ -130,14 +130,14 @@ public interface Header extends Map<String, Object> {
      * <ul>
      *     <li>If the JWT is a Signed JWT (a JWS), the <a href="https://tools.ietf.org/html/rfc7515#section-4.1.1">
      *      <code>alg</code></a> (Algorithm) header parameter identifies the cryptographic algorithm used to secure the
-     *      JWS.  Consider using {@link Jwts.SIG}.{@link io.jsonwebtoken.lang.Registry#get(Object) get(id)}
+     *      JWS.  Consider using {@link Jws.alg}.{@link io.jsonwebtoken.lang.Registry#get(Object) get(id)}
      *      to convert this string value to a type-safe {@code SecureDigestAlgorithm} instance.</li>
      *      <li>If the JWT is an Encrypted JWT (a JWE), the
      * <a href="https://tools.ietf.org/html/rfc7516#section-4.1.1"><code>alg</code></a> (Algorithm) header parameter
      * identifies the cryptographic key management algorithm used to encrypt or determine the value of the Content
      * Encryption Key (CEK).  The encrypted content is not usable if the <code>alg</code> value does not represent a
      * supported algorithm, or if the recipient does not have a key that can be used with that algorithm.  Consider
-     * using {@link Jwts.KEY}.{@link io.jsonwebtoken.lang.Registry#get(Object) get(id)} to convert this string value
+     * using {@link Jwe.enc}.{@link io.jsonwebtoken.lang.Registry#get(Object) get(id)} to convert this string value
      * to a type-safe {@link io.jsonwebtoken.security.KeyAlgorithm KeyAlgorithm} instance.</li>
      * </ul>
      *