Package io.fusionauth.jwt.rsa

Class RSASigner

java.lang.Object
io.fusionauth.jwt.rsa.RSASigner
All Implemented Interfaces:
Signer
public class RSASigner extends Object implements Signer
This class can sign a JWT using an RSA Private key.
Author:
Daniel DeGroff

  • Method Details

    • newSHA256Signer

      public static RSASigner newSHA256Signer(String privateKey)
      Build a new RSA signer using a SHA-256 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      Returns:
      a new RSA signer.

    • newSHA256Signer

      public static RSASigner newSHA256Signer(String privateKey, String kid)
      Build a new RSA signer using a SHA-256 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new RSA signer.

    • newSHA256Signer

      public static RSASigner newSHA256Signer(String privateKey, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-256 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA256Signer

      public static RSASigner newSHA256Signer(String privateKey, String kid, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-256 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA256Signer

      public static RSASigner newSHA256Signer(PrivateKey privateKey)
      Build a new RSA signer using a SHA-256 hash.
      Parameters:
      privateKey - The RSA private key
      Returns:
      a new RSA signer.

    • newSHA256Signer

      public static RSASigner newSHA256Signer(PrivateKey privateKey, String kid)
      Build a new RSA signer using a SHA-256 hash.
      Parameters:
      privateKey - The RSA private key
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new RSA signer.

    • newSHA256Signer

      public static RSASigner newSHA256Signer(PrivateKey privateKey, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-256 hash.
      Parameters:
      privateKey - The RSA private key
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA256Signer

      public static RSASigner newSHA256Signer(PrivateKey privateKey, String kid, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-256 hash.
      Parameters:
      privateKey - The RSA private key
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA384Signer

      public static RSASigner newSHA384Signer(String privateKey)
      Build a new RSA signer using a SHA-384 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      Returns:
      a new RSA signer.

    • newSHA384Signer

      public static RSASigner newSHA384Signer(String privateKey, String kid)
      Build a new RSA signer using a SHA-384 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new RSA signer.

    • newSHA384Signer

      public static RSASigner newSHA384Signer(String privateKey, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-384 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA384Signer

      public static RSASigner newSHA384Signer(String privateKey, String kid, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-384 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA384Signer

      public static RSASigner newSHA384Signer(PrivateKey privateKey)
      Build a new RSA signer using a SHA-384 hash.
      Parameters:
      privateKey - The private key.
      Returns:
      a new RSA signer.

    • newSHA384Signer

      public static RSASigner newSHA384Signer(PrivateKey privateKey, String kid)
      Build a new RSA signer using a SHA-384 hash.
      Parameters:
      privateKey - The private key.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new RSA signer.

    • newSHA384Signer

      public static RSASigner newSHA384Signer(PrivateKey privateKey, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-384 hash.
      Parameters:
      privateKey - The private key.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA384Signer

      public static RSASigner newSHA384Signer(PrivateKey privateKey, String kid, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-384 hash.
      Parameters:
      privateKey - The private key.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA512Signer

      public static RSASigner newSHA512Signer(String privateKey)
      Build a new RSA signer using a SHA-512 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      Returns:
      a new RSA signer.

    • newSHA512Signer

      public static RSASigner newSHA512Signer(String privateKey, String kid)
      Build a new RSA signer using a SHA-512 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new RSA signer.

    • newSHA512Signer

      public static RSASigner newSHA512Signer(String privateKey, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-512 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA512Signer

      public static RSASigner newSHA512Signer(String privateKey, String kid, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-512 hash.
      Parameters:
      privateKey - The private key PEM expected to be in PKCS#1 or PKCS#8 format.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA512Signer

      public static RSASigner newSHA512Signer(PrivateKey privateKey)
      Build a new RSA signer using a SHA-512 hash.
      Parameters:
      privateKey - The private key.
      Returns:
      a new RSA signer.

    • newSHA512Signer

      public static RSASigner newSHA512Signer(PrivateKey privateKey, String kid)
      Build a new RSA signer using a SHA-512 hash.
      Parameters:
      privateKey - The private key.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      Returns:
      a new RSA signer.

    • newSHA512Signer

      public static RSASigner newSHA512Signer(PrivateKey privateKey, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-512 hash.
      Parameters:
      privateKey - The private key.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • newSHA512Signer

      public static RSASigner newSHA512Signer(PrivateKey privateKey, String kid, CryptoProvider cryptoProvider)
      Build a new RSA signer using a SHA-512 hash.
      Parameters:
      privateKey - The private key.
      kid - The key identifier. This will be used by the JWTEncoder to write the 'kid' header.
      cryptoProvider - The crypto provider used to get the RSA signature Algorithm.
      Returns:
      a new RSA signer.

    • getAlgorithm

      public Algorithm getAlgorithm()
      Description copied from interface: Signer
      Return the algorithm supported by this signer.
      Specified by:
      getAlgorithm in interface Signer
      Returns:
      the algorithm.

    • getKid

      public String getKid()
      Description copied from interface: Signer
      Return the kid used for this signer.
      Specified by:
      getKid in interface Signer
      Returns:
      the kid

    • sign

      public byte[] sign(String message)
      Description copied from interface: Signer
      Sign the provided message and return the signature.
      Specified by:
      sign in interface Signer
      Parameters:
      message - The JWT payload to sign.
      Returns:
      The message signature in a byte array.