org.springframework.security.oauth.common.signature

Class RSA_SHA1SignatureMethod

java.lang.Object

org.springframework.security.oauth.common.signature.RSA_SHA1SignatureMethod

All Implemented Interfaces:

OAuthSignatureMethod

Deprecated.

The OAuth 1.0 Protocol RFC 5849 is obsoleted by the OAuth 2.0 Authorization Framework RFC 6749.

@Deprecated
public class RSA_SHA1SignatureMethod
extends Object
implements OAuthSignatureMethod

RSA-SHA1 signature method. The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in RFC3447 section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for EMSA-PKCS1-v1_5.

Author:

Ryan Heaton

Field Summary

Fields

Modifier and Type	Field and Description
static String	SIGNATURE_NAME Deprecated. The name of this RSA-SHA1 signature method ("RSA-SHA1").

Constructor Summary

Constructors

Constructor and Description
RSA_SHA1SignatureMethod(PrivateKey key) Deprecated. Construct a RSA-SHA1 signature method with the given RSA-SHA1 private key.
RSA_SHA1SignatureMethod(PrivateKey privateKey, PublicKey publicKey) Deprecated. Construct a RSA-SHA1 signature method with the given RSA-SHA1 public/private key pair.
RSA_SHA1SignatureMethod(PublicKey key) Deprecated. Construct a RSA-SHA1 signature method with the given RSA-SHA1 public key.

Method Summary

Modifier and Type	Method and Description
String	getName() Deprecated. The name of this RSA-SHA1 signature method ("RSA-SHA1").
PrivateKey	getPrivateKey() Deprecated. The private key.
PublicKey	getPublicKey() Deprecated. The private key.
String	sign(String signatureBaseString) Deprecated. The Signature Base String is signed using the Consumer’s RSA private key per RFC3447 section 8.2.1, where K is the Consumer’s RSA private key, M the Signature Base String, and S is the result signature octet string: S = RSASSA-PKCS1-V1_5-SIGN (K, M) oauth_signature is set to S, first base64-encoded per RFC2045 section 6.8, then URL-encoded per Parameter Encoding.
void	verify(String signatureBaseString, String signature) Deprecated. Verify the signature of the given signature base string.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

SIGNATURE_NAME

public static final String SIGNATURE_NAME

Deprecated.

The name of this RSA-SHA1 signature method ("RSA-SHA1").

See Also:

Constant Field Values

Constructor Detail

RSA_SHA1SignatureMethod

public RSA_SHA1SignatureMethod(PrivateKey privateKey,
                               PublicKey publicKey)

Deprecated.

Construct a RSA-SHA1 signature method with the given RSA-SHA1 public/private key pair.

Parameters:

privateKey - The private key.

publicKey - The public key.

RSA_SHA1SignatureMethod

public RSA_SHA1SignatureMethod(PrivateKey key)

Deprecated.

Construct a RSA-SHA1 signature method with the given RSA-SHA1 private key. This constructor is to be used by the consumer (who has access to its own private key).

Parameters:

key - The key.

RSA_SHA1SignatureMethod

public RSA_SHA1SignatureMethod(PublicKey key)

Deprecated.

Construct a RSA-SHA1 signature method with the given RSA-SHA1 public key. This constructor is to be used by the provider (who has access to the public key of the consumer).

Parameters:

key - The key.

Method Detail

getName

public String getName()

Deprecated.

The name of this RSA-SHA1 signature method ("RSA-SHA1").

Specified by:

getName in interface OAuthSignatureMethod

Returns:

The name of this RSA-SHA1 signature method.

sign

public String sign(String signatureBaseString)

Deprecated.

The Signature Base String is signed using the Consumer’s RSA private key per RFC3447 section 8.2.1, where K is the Consumer’s RSA private key, M the Signature Base String, and S is the result signature octet string: S = RSASSA-PKCS1-V1_5-SIGN (K, M) oauth_signature is set to S, first base64-encoded per RFC2045 section 6.8, then URL-encoded per Parameter Encoding.

Specified by:

sign in interface OAuthSignatureMethod

Parameters:

signatureBaseString - The signature base string.

Returns:

The signature.

Throws:

UnsupportedOperationException - If there is no private key.

verify

public void verify(String signatureBaseString,
                   String signature)
            throws InvalidSignatureException

Deprecated.

Verify the signature of the given signature base string. The signature is verified by generating a new request signature octet string, and comparing it to the signature provided by the Consumer, first URL-decoded per Parameter Encoding, then base64-decoded per RFC2045 section 6.8. The signature is generated using the request parameters as provided by the Consumer, and the Consumer Secret and Token Secret as stored by the Service Provider.

Specified by:

verify in interface OAuthSignatureMethod

Parameters:

signatureBaseString - The signature base string.

signature - The signature.

Throws:

InvalidSignatureException - If the signature is invalid for the specified base string.

UnsupportedOperationException - If there is no public key.

getPrivateKey

public PrivateKey getPrivateKey()

Deprecated.

The private key.

Returns:

The private key.

getPublicKey

public PublicKey getPublicKey()

Deprecated.

The private key.

Returns:

The private key.