1   /*
2    * The contents of this file are subject to the terms of the Common Development and
3    * Distribution License (the License). You may not use this file except in compliance with the
4    * License.
5    *
6    * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
7    * specific language governing permission and limitations under the License.
8    *
9    * When distributing Covered Software, include this CDDL Header Notice in each file and include
10   * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
11   * Header, with the fields enclosed by brackets [] replaced by your own identifying
12   * information: "Portions copyright [year] [name of copyright owner]".
13   *
14   * Copyright 2013-2016 ForgeRock AS.
15   */
16  
17  package org.forgerock.json.jose.jws;
18  
19  import java.security.Key;
20  import java.security.interfaces.ECPrivateKey;
21  import java.security.interfaces.ECPublicKey;
22  
23  import org.forgerock.json.jose.jws.handlers.ECDSASigningHandler;
24  import org.forgerock.json.jose.jws.handlers.HmacSigningHandler;
25  import org.forgerock.json.jose.jws.handlers.NOPSigningHandler;
26  import org.forgerock.json.jose.jws.handlers.RSASigningHandler;
27  import org.forgerock.json.jose.jws.handlers.SigningHandler;
28  import org.forgerock.util.SignatureUtil;
29  
/**
 * Factory for the {@link SigningHandler} that matches a given Java Cryptographic signing algorithm.
 * <p>
 * Each factory method wraps the caller-supplied key material in the handler for one algorithm
 * family (no-op, HMAC, RSA or ECDSA). The full list of supported signing algorithms is given by
 * {@link JwsAlgorithm}.
 * <p>
 * No factory method in this class inspects its key argument: there is no null check, no key-size
 * check and no curve check here. Any such validation has to happen in the handler that is returned
 * or in the caller.
 *
 * @since 2.0.0
 */
public class SigningManager {

    // Shared helper that the RSA handler delegates its sign and verify calls to.
    private final SignatureUtil signatureUtil = SignatureUtil.getInstance();

    /**
     * Creates a SigningHandler that performs neither signing nor verifying.
     * <p>
     * NOTE(review): what this handler reports when asked to verify is not visible in this class.
     * Confirm that callers select it only for tokens that are deliberately unsigned, and never
     * because the token's own header names an unsigned algorithm.
     *
     * @return a SigningHandler implementation that performs neither signing nor verifying.
     */
    public SigningHandler newNopSigningHandler() {
        final SigningHandler nopHandler = new NOPSigningHandler();
        return nopHandler;
    }

    /**
     * Creates a new HmacSigningHandler around the given shared secret.
     * <p>
     * The array is handed to the handler as-is; this method neither copies it nor checks it for
     * null or for a minimum length.
     * NOTE(review): confirm whether HmacSigningHandler copies the array and enforces a secret at
     * least as long as the hash output, as RFC 7518 section 3.2 requires for the HS* algorithms.
     *
     * @param sharedSecret
     *            The shared secret to use to sign the data.
     * @return a new HmacSigningHandler.
     */
    public SigningHandler newHmacSigningHandler(byte[] sharedSecret) {
        final SigningHandler hmacHandler = new HmacSigningHandler(sharedSecret);
        return hmacHandler;
    }

    /**
     * Creates a new RSASigningHandler that delegates its signing and verifying calls to this
     * manager's SignatureUtil instance.
     * <p>
     * The parameter is typed as the general {@link Key}, so the compiler does not prevent a
     * non-RSA key, or a public key where signing needs a private key, from being passed, and this
     * method performs no check of its own.
     * NOTE(review): confirm that RSASigningHandler rejects unsuitable keys.
     *
     * @param key
     *            The key used to sign and verify the signature.
     * @return a new RSASigningHandler, with a SignatureUtil instance to
     *         delegate the signing and verifying calls to.
     */
    public SigningHandler newRsaSigningHandler(Key key) {
        final SigningHandler rsaHandler = new RSASigningHandler(key, this.signatureUtil);
        return rsaHandler;
    }

    /**
     * Creates a new handler for signing ES256 signatures.
     * <p>
     * No algorithm is passed to this method and the key's curve is not checked here.
     * NOTE(review): confirm that ECDSASigningHandler verifies the curve against the algorithm.
     *
     * @param key the elliptic curve private key. Should use the required curve for the signing algorithm
     *            (P-256 for ES256).
     * @return the signing handler.
     */
    public SigningHandler newEcdsaSigningHandler(ECPrivateKey key) {
        final SigningHandler ecdsaSigner = new ECDSASigningHandler(key);
        return ecdsaSigner;
    }

    /**
     * Creates a new handler for verifying ES256 signatures.
     * <p>
     * No algorithm is passed to this method and the key's curve is not checked here.
     * NOTE(review): confirm that ECDSASigningHandler verifies the curve against the algorithm.
     *
     * @param key the elliptic curve public key. Should use the required curve for the signing algorithm
     *            (P-256 for ES256).
     * @return the signing handler configured for verification.
     */
    public SigningHandler newEcdsaVerificationHandler(ECPublicKey key) {
        final SigningHandler ecdsaVerifier = new ECDSASigningHandler(key);
        return ecdsaVerifier;
    }

}