Class SignatureServiceImpl
java.lang.Object
co.ankatech.ankasecure.sdk.internal.service.impl.SignatureServiceImpl
- All Implemented Interfaces:
SignatureService
Thread-safe implementation of
SignatureService.-
Constructor Summary
ConstructorsConstructorDescriptionSignatureServiceImpl(co.ankatech.ankasecure.openapi.client.AnkaSecureOpenApiClient api) -
Method Summary
Modifier and TypeMethodDescriptionresignBytes(String newKid, String oldJws) Re-sign a Compact JWS switching tonewKid.resignFile(String newKid, Path oldJws, Path newJws) resignFileStream(Path oldJws, String newKid, Path input, Path newSigOut) Re-sign a detached-payload JWS in streaming mode.
The existing *General-JSON* header (containing the oldkid) is supplied inoldJwsHeader.Sign an in-memory payload with a server-side **private** key.signFileStream(String kid, Path input, Path sigOut) verifySignature(Path jwsFile) verifySignatureBytes(String jwsToken) Verify a Compact JWS that is fully in memory.
-
Constructor Details
-
SignatureServiceImpl
public SignatureServiceImpl(co.ankatech.ankasecure.openapi.client.AnkaSecureOpenApiClient api)
-
-
Method Details
-
signFile
- Specified by:
signFilein interfaceSignatureService- Throws:
AnkaSecureSdkException
-
verifySignature
- Specified by:
verifySignaturein interfaceSignatureService- Throws:
AnkaSecureSdkException
-
resignFile
public ResignResult resignFile(String newKid, Path oldJws, Path newJws) throws AnkaSecureSdkException - Specified by:
resignFilein interfaceSignatureService- Throws:
AnkaSecureSdkException
-
signFileStream
- Specified by:
signFileStreamin interfaceSignatureService- Throws:
AnkaSecureSdkException
-
resignFileStream
public ResignResult resignFileStream(Path oldJws, String newKid, Path input, Path newSigOut) throws AnkaSecureSdkException Description copied from interface:SignatureServiceRe-sign a detached-payload JWS in streaming mode.
The existing *General-JSON* header (containing the oldkid) is supplied inoldJwsHeader. The payload itself is streamed frominput.- Specified by:
resignFileStreamin interfaceSignatureService- Parameters:
oldJws- UTF-8 file that contains the original JWS header (General-JSON, detached payload)newKid- key identifier that must sign the refreshed JWSinput- data whose signature is being replacednewSigOut- destination file that will receive the new signature- Throws:
AnkaSecureSdkException
-
signBytes
Sign an in-memory payload with a server-side **private** key.- Specified by:
signBytesin interfaceSignatureService- Parameters:
kid- private-key ID in Anka Secure (must not benull)data- bytes to be signed (must not benull)- Returns:
SignResultcontaining the detached Compact JWS and metadata- Throws:
AnkaSecureSdkException- on validation or remote failure
-
verifySignatureBytes
Verify a Compact JWS that is fully in memory.- Specified by:
verifySignatureBytesin interfaceSignatureService- Parameters:
jwsToken- textual Compact JWS (UTF-8)- Returns:
- outcome, metadata, and Base64 payload
- Throws:
AnkaSecureSdkException- on validation or remote failure
-
resignBytes
Re-sign a Compact JWS switching tonewKid.- Specified by:
resignBytesin interfaceSignatureService- Parameters:
newKid- private-key ID that must generate the new signatureoldJws- existing Compact JWS (UTF-8)- Returns:
- dual-key metadata plus the new token
- Throws:
AnkaSecureSdkException- on validation or remote failure
-