org.forgerock.json.jose.jws

Class SigningManager

java.lang.Object

org.forgerock.json.jose.jws.SigningManager

public class SigningManager
extends Object

A service to get the appropriate SigningHandler for a specific Java Cryptographic signing algorithm.

For details of all supported signing algorithms see JwsAlgorithm

Since:

2.0.0

Constructor Summary

Constructors

Constructor and Description
SigningManager()

Method Summary

Modifier and Type	Method and Description
SigningHandler	newEcdsaSigningHandler(ECPrivateKey key) Constructs a new handler for signing ES256 signatures.
SigningHandler	newEcdsaSigningHandler(PrivateKey key) Constructs a new handler for signing ES256 signatures.
SigningHandler	newEcdsaVerificationHandler(ECPublicKey key) Constructs a new handler for verifying ES256 signatures.
SigningHandler	newEdDsaSigningHandler(byte[] privateKey) Constructs a new handler for signing EdDSA signatures.
SigningHandler	newEdDsaVerificationHandler(byte[] publicKey) Constructs a new handler for verifying EdDSA signatures.
SigningHandler	newHmacSigningHandler(byte[] sharedSecret) Constructs a new HmacSigningHandler.
SigningHandler	newHmacSigningHandler(SecretKey secretKey) Constructs a new HmacSigningHandler.
SigningHandler	newNopSigningHandler() Constructs an implementation of the SigningHandler which does not perform any signing or verifying.
SigningHandler	newRsaSigningHandler(Key key) Constructs a new RSASigningHandler, with a SignatureUtil instance to delegate the signing and verifying calls to.
SigningHandler	newSigningHandler(JWK jwk) Returns the signing handler from the given JSON Web Key (JWK) which will be used to sign the JWT.
SigningHandler	newSigningHandler(Key key) Returns the signing handler from the given Key which will be used to verify the JWT.
SigningHandler	newVerificationHandler(JWK jwk) Returns the signing handler from the given JSON Web Key (JWK) which will be used to verify the JWT.
SigningHandler	newVerificationHandler(Key key) Returns the signing handler from the given Key which will be used to verify the JWT.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SigningManager

public SigningManager()

Method Detail

newNopSigningHandler

public SigningHandler newNopSigningHandler()

Constructs an implementation of the SigningHandler which does not perform any signing or verifying.

Returns:

an implementation of the SigningHandler which does not perform any signing or verifying.

newHmacSigningHandler

public SigningHandler newHmacSigningHandler(byte[] sharedSecret)

Constructs a new HmacSigningHandler. Callers should prefer to use newHmacSigningHandler(SecretKey) in most cases.

Parameters:

sharedSecret - The shared secret to use to sign the data.

Returns:

a new HmacSigningHandler.

newHmacSigningHandler

public SigningHandler newHmacSigningHandler(SecretKey secretKey)

Constructs a new HmacSigningHandler.

Parameters:

secretKey - The secret key to use to sign the data.

Returns:

a new HmacSigningHandler.

newRsaSigningHandler

public SigningHandler newRsaSigningHandler(Key key)

Constructs a new RSASigningHandler, with a SignatureUtil instance to delegate the signing and verifying calls to.

Parameters:

key - The key used to sign and verify the signature.

Returns:

a new RSASigningHandler, with a SignatureUtil instance to delegate the signing and verifying calls to.

newEcdsaSigningHandler

public SigningHandler newEcdsaSigningHandler(PrivateKey key)

Constructs a new handler for signing ES256 signatures.

Parameters:

key - the elliptic curve private key. Should use the required curve for the given signing algorithm (P-256 for ES256).

Returns:

the signing handler.

newEcdsaSigningHandler

public SigningHandler newEcdsaSigningHandler(ECPrivateKey key)

Constructs a new handler for signing ES256 signatures.

Parameters:

key - the elliptic curve private key. Should use the required curve for the given signing algorithm (P-256 for ES256).

Returns:

the signing handler.

newEcdsaVerificationHandler

public SigningHandler newEcdsaVerificationHandler(ECPublicKey key)

Constructs a new handler for verifying ES256 signatures.

Parameters:

key - the elliptic curve public key. Should use the required curve for the given signing algorithm (P-256 for ES256).

Returns:

the signing handler configured for verification.

newEdDsaSigningHandler

public SigningHandler newEdDsaSigningHandler(byte[] privateKey)

Constructs a new handler for signing EdDSA signatures.

Parameters:

privateKey - the raw private key bytes.

Returns:

the signing handler.

newEdDsaVerificationHandler

public SigningHandler newEdDsaVerificationHandler(byte[] publicKey)

Constructs a new handler for verifying EdDSA signatures.

Parameters:

publicKey - the raw public key bytes.

Returns:

the signing handler.

newSigningHandler

public SigningHandler newSigningHandler(Key key)

Returns the signing handler from the given Key which will be used to verify the JWT.

Parameters:

key - The Key use to sign the JWT.

Returns:

the signing handler to use for signing the JWT.

Throws:

IllegalArgumentException - if no handler can be determined for the given key.

newSigningHandler

public SigningHandler newSigningHandler(JWK jwk)

Returns the signing handler from the given JSON Web Key (JWK) which will be used to sign the JWT.

Parameters:

jwk - The JSON Web Key (JWK).

Returns:

the signing handler to use for signing the JWT.

newVerificationHandler

public SigningHandler newVerificationHandler(Key key)

Returns the signing handler from the given Key which will be used to verify the JWT.

Parameters:

key - The Key use to verify the JWT.

Returns:

the signing handler to use for verifying the JWT.

Throws:

IllegalArgumentException - if no handler can be determined for the given key.

newVerificationHandler

public SigningHandler newVerificationHandler(JWK jwk)

Returns the signing handler from the given JSON Web Key (JWK) which will be used to verify the JWT.

Parameters:

jwk - The JSON Web Key (JWK).

Returns:

the signing handler to use for verifying the JWT.