com.nimbusds.jose.crypto

Class RSASSASigner

java.lang.Object

com.nimbusds.jose.crypto.RSASSASigner

All Implemented Interfaces:

JCAAware<JCAContext>, JOSEProvider, JWSProvider, JWSSigner

@ThreadSafe
public class RSASSASigner
extends Object
implements JWSSigner

RSA Signature-Scheme-with-Appendix (RSASSA) signer of JWS objects. This class is thread-safe.

Supports the following algorithms:

• JWSAlgorithm.RS256
• JWSAlgorithm.RS384
• JWSAlgorithm.RS512
• JWSAlgorithm.PS256
• JWSAlgorithm.PS384
• JWSAlgorithm.PS512

Version:

2016-04-04

Author:

Vladimir Dzhuvinov, Omer Levi Hevroni

Field Summary

Fields

Modifier and Type	Field and Description
static Set<JWSAlgorithm>	SUPPORTED_ALGORITHMS The supported JWS algorithms by the RSA-SSA provider class.

Constructor Summary

Constructors

Constructor and Description
RSASSASigner(PrivateKey privateKey) Creates a new RSA Signature-Scheme-with-Appendix (RSASSA) signer.
RSASSASigner(RSAKey rsaJWK) Creates a new RSA Signature-Scheme-with-Appendix (RSASSA) signer.

Method Summary

Modifier and Type	Method and Description
JCAContext	getJCAContext() Returns the Java Cryptography Architecture (JCA) context.
PrivateKey	getPrivateKey() Gets the private RSA key.
Base64URL	sign(JWSHeader header, byte[] signingInput) Signs the specified input of a JWS object.
Set<JWSAlgorithm>	supportedJWSAlgorithms() Returns the names of the supported algorithms by the JWS provider instance.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.nimbusds.jose.JWSProvider

supportedJWSAlgorithms

Methods inherited from interface com.nimbusds.jose.jca.JCAAware

getJCAContext

Field Detail

SUPPORTED_ALGORITHMS

public static final Set<JWSAlgorithm> SUPPORTED_ALGORITHMS

The supported JWS algorithms by the RSA-SSA provider class.

Constructor Detail

RSASSASigner

public RSASSASigner(PrivateKey privateKey)

Creates a new RSA Signature-Scheme-with-Appendix (RSASSA) signer.

Parameters:

privateKey - The private RSA key. Must not be null.

RSASSASigner

public RSASSASigner(RSAKey rsaJWK)
             throws JOSEException

Creates a new RSA Signature-Scheme-with-Appendix (RSASSA) signer.

Parameters:

rsaJWK - The RSA JSON Web Key (JWK). Must contain a private part. Must not be null.

Throws:

JOSEException - If the RSA JWK doesn't contain a private part or its extraction failed.

Method Detail

getPrivateKey

public PrivateKey getPrivateKey()

Gets the private RSA key.

Returns:

The private RSA key. Casting to RSAPrivateKey may not be possible if the key is backed by a key store that doesn't expose the private key parameters.

sign

public Base64URL sign(JWSHeader header,
                      byte[] signingInput)
               throws JOSEException

Description copied from interface: JWSSigner

Signs the specified input of a JWS object.

Specified by:

sign in interface JWSSigner

Parameters:

header - The JSON Web Signature (JWS) header. Must specify a supported JWS algorithm and must not be null.

signingInput - The input to sign. Must not be null.

Returns:

The resulting signature part (third part) of the JWS object.

Throws:

JOSEException - If the JWS algorithm is not supported, if a critical header parameter is not supported or marked for deferral to the application, or if signing failed for some other internal reason.

supportedJWSAlgorithms

public Set<JWSAlgorithm> supportedJWSAlgorithms()

Description copied from interface: JWSProvider

Returns the names of the supported algorithms by the JWS provider instance. These correspond to the alg JWS header parameter.

Specified by:

supportedJWSAlgorithms in interface JWSProvider

Returns:

The supported JWS algorithms, empty set if none.

getJCAContext

public JCAContext getJCAContext()

Description copied from interface: JCAAware

Returns the Java Cryptography Architecture (JCA) context. May be used to set a specific JCA security provider or secure random generator.

Specified by:

getJCAContext in interface JCAAware<JCAContext>

Returns:

The JCA context. Not null.