io.fusionauth.jwt.rsa

Class RSASigner

java.lang.Object

io.fusionauth.jwt.rsa.RSASigner

All Implemented Interfaces:

Signer

public class RSASigner
extends Object
implements Signer

This class can sign a JWT using an RSA Private key.

Author:

Daniel DeGroff

Method Summary

Modifier and Type	Method and Description
Algorithm	getAlgorithm() Return the algorithm supported by this signer.
String	getKid() Return the kid used for this signer.
static RSASigner	newSHA256Signer(String privateKey) Build a new RSA signer using a SHA-256 hash.
static RSASigner	newSHA256Signer(String privateKey, CryptoProvider cryptoProvider) Build a new RSA signer using a SHA-256 hash.
static RSASigner	newSHA256Signer(String privateKey, String kid) Build a new RSA signer using a SHA-256 hash.
static RSASigner	newSHA256Signer(String privateKey, String kid, CryptoProvider cryptoProvider) Build a new RSA signer using a SHA-256 hash.
static RSASigner	newSHA384Signer(String privateKey) Build a new RSA signer using a SHA-384 hash.
static RSASigner	newSHA384Signer(String privateKey, CryptoProvider cryptoProvider) Build a new RSA signer using a SHA-384 hash.
static RSASigner	newSHA384Signer(String privateKey, String kid) Build a new RSA signer using a SHA-384 hash.
static RSASigner	newSHA384Signer(String privateKey, String kid, CryptoProvider cryptoProvider) Build a new RSA signer using a SHA-384 hash.
static RSASigner	newSHA512Signer(String privateKey) Build a new RSA signer using a SHA-512 hash.
static RSASigner	newSHA512Signer(String privateKey, CryptoProvider cryptoProvider) Build a new RSA signer using a SHA-512 hash.
static RSASigner	newSHA512Signer(String privateKey, String kid) Build a new RSA signer using a SHA-512 hash.
static RSASigner	newSHA512Signer(String privateKey, String kid, CryptoProvider cryptoProvider) Build a new RSA signer using a SHA-512 hash.
byte[]	sign(String message) Sign the provided message and return the signature.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

newSHA256Signer

public static RSASigner newSHA256Signer(String privateKey,
                                        String kid)

Build a new RSA signer using a SHA-256 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.

Returns:

a new RSA signer.

newSHA256Signer

public static RSASigner newSHA256Signer(String privateKey)

Build a new RSA signer using a SHA-256 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

Returns:

a new RSA signer.

newSHA256Signer

public static RSASigner newSHA256Signer(String privateKey,
                                        String kid,
                                        CryptoProvider cryptoProvider)

Build a new RSA signer using a SHA-256 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.

cryptoProvider - The crypto provider used to get the RSA signature Algorithm.

Returns:

a new RSA signer.

newSHA256Signer

public static RSASigner newSHA256Signer(String privateKey,
                                        CryptoProvider cryptoProvider)

Build a new RSA signer using a SHA-256 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

cryptoProvider - The crypto provider used to get the RSA signature Algorithm.

Returns:

a new RSA signer.

newSHA384Signer

public static RSASigner newSHA384Signer(String privateKey,
                                        String kid)

Build a new RSA signer using a SHA-384 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.

Returns:

a new RSA signer.

newSHA384Signer

public static RSASigner newSHA384Signer(String privateKey)

Build a new RSA signer using a SHA-384 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

Returns:

a new RSA signer.

newSHA384Signer

public static RSASigner newSHA384Signer(String privateKey,
                                        String kid,
                                        CryptoProvider cryptoProvider)

Build a new RSA signer using a SHA-384 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.

cryptoProvider - The crypto provider used to get the RSA signature Algorithm.

Returns:

a new RSA signer.

newSHA384Signer

public static RSASigner newSHA384Signer(String privateKey,
                                        CryptoProvider cryptoProvider)

Build a new RSA signer using a SHA-384 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

cryptoProvider - The crypto provider used to get the RSA signature Algorithm.

Returns:

a new RSA signer.

newSHA512Signer

public static RSASigner newSHA512Signer(String privateKey,
                                        String kid)

Build a new RSA signer using a SHA-512 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.

Returns:

a new RSA signer.

newSHA512Signer

public static RSASigner newSHA512Signer(String privateKey)

Build a new RSA signer using a SHA-512 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

Returns:

a new RSA signer.

newSHA512Signer

public static RSASigner newSHA512Signer(String privateKey,
                                        String kid,
                                        CryptoProvider cryptoProvider)

Build a new RSA signer using a SHA-512 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.

cryptoProvider - The crypto provider used to get the RSA signature Algorithm.

Returns:

a new RSA signer.

newSHA512Signer

public static RSASigner newSHA512Signer(String privateKey,
                                        CryptoProvider cryptoProvider)

Build a new RSA signer using a SHA-512 hash.

Parameters:

privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.

cryptoProvider - The crypto provider used to get the RSA signature Algorithm.

Returns:

a new RSA signer.

getAlgorithm

public Algorithm getAlgorithm()

Description copied from interface: Signer

Return the algorithm supported by this signer.

Specified by:

getAlgorithm in interface Signer

Returns:

the algorithm.

getKid

public String getKid()

Description copied from interface: Signer

Return the kid used for this signer.

Specified by:

getKid in interface Signer

Returns:

the kid

sign

public byte[] sign(String message)

Description copied from interface: Signer

Sign the provided message and return the signature.

Specified by:

sign in interface Signer

Parameters:

message - The JWT payload to sign.

Returns:

The message signature in a byte array.