Example 6 with GetPublicKeyResult

Use of com.amazonaws.services.kms.model.GetPublicKeyResult in project di-authentication-api by alphagov.

From the class TokenValidationService, method createJwk.

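private ECKey createJwk(String keyId) {
    // Ask KMS for the public half of the asymmetric key identified by keyId.
    GetPublicKeyRequest getPublicKeyRequest = new GetPublicKeyRequest();
    getPublicKeyRequest.setKeyId(keyId);
    GetPublicKeyResult publicKeyResult = kmsConnectionService.getPublicKey(getPublicKeyRequest);
    // createPublicKey is a helper of this class that is not shown on this page.
    PublicKey publicKey = createPublicKey(publicKeyResult);
    // Build a P-256 JWK for signature use (ES256); the kid is a SHA-256 hash of the key ID KMS returned, not the raw identifier.
    return new ECKey.Builder(Curve.P_256, (ECPublicKey) publicKey)
            .keyID(hashSha256String(publicKeyResult.getKeyId()))
            .keyUse(KeyUse.SIGNATURE)
            .algorithm(new Algorithm(JWSAlgorithm.ES256.getName()))
            .build();
}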
Also used: GetPublicKeyRequest (com.amazonaws.services.kms.model.GetPublicKeyRequest), PublicKey (java.security.PublicKey), ECPublicKey (java.security.interfaces.ECPublicKey), GetPublicKeyResult (com.amazonaws.services.kms.model.GetPublicKeyResult), JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm), Algorithm (com.nimbusds.jose.Algorithm)
