
Example 1 with JwtEcdsaKeyFormat

use of com.google.crypto.tink.proto.JwtEcdsaKeyFormat in project tink by google.

the class JwtEcdsaSignKeyManagerTest method createKey_alwaysNewElement_ok.

// Note: we use Theory as a parametrized test -- different from what the Theory framework intends.
/**
 * Checks that repeated calls to {@code factory.createKey} with the same format return
 * private keys whose key values all differ.
 *
 * <p>This is a smoke test only: five distinct values catch a generator that repeats itself
 * outright, but they say nothing about the quality of the underlying randomness.
 *
 * @param algorithm the JWT ECDSA algorithm supplied by the "parametersAlgos" data points
 * @throws Exception if building the format or creating a key fails
 */
@Theory
public void createKey_alwaysNewElement_ok(@FromDataPoints("parametersAlgos") JwtEcdsaAlgorithm algorithm) throws Exception {
    // Kept small because key generation takes about a second per key.
    final int numTests = 5;
    JwtEcdsaKeyFormat format = createKeyFormat(algorithm);
    // A set collapses duplicates, so its final size equals the number of distinct key values.
    Set<String> distinctKeyValues = new TreeSet<>();
    int generated = 0;
    while (generated < numTests) {
        JwtEcdsaPrivateKey freshKey = factory.createKey(format);
        String hexKeyValue = TestUtil.hexEncode(freshKey.getKeyValue().toByteArray());
        distinctKeyValues.add(hexKeyValue);
        generated++;
    }
    assertThat(distinctKeyValues).hasSize(numTests);
}
Also used : TreeSet(java.util.TreeSet) ByteString(com.google.protobuf.ByteString) JwtEcdsaPrivateKey(com.google.crypto.tink.proto.JwtEcdsaPrivateKey) JwtEcdsaKeyFormat(com.google.crypto.tink.proto.JwtEcdsaKeyFormat) Theory(org.junit.experimental.theories.Theory)

Example 2 with JwtEcdsaKeyFormat

use of com.google.crypto.tink.proto.JwtEcdsaKeyFormat in project tink by google.

the class JwtEcdsaSignKeyManagerTest method createKeys_ok.

// Note: we use Theory as a parametrized test -- different from what the Theory framework intends.
/**
 * Creates one private key for the given algorithm and hands it, together with the format it
 * was created from, to {@code checkConsistency}.
 *
 * @param algorithm the JWT ECDSA algorithm supplied by the "parametersAlgos" data points
 * @throws Exception if key creation or the consistency check fails
 */
@Theory
public void createKeys_ok(@FromDataPoints("parametersAlgos") JwtEcdsaAlgorithm algorithm) throws Exception {
    final JwtEcdsaKeyFormat keyFormat = createKeyFormat(algorithm);
    // The same format object is used for creation and for the check, so the key is compared
    // against exactly what was requested.
    checkConsistency(factory.createKey(keyFormat), keyFormat);
}
Also used : JwtEcdsaPrivateKey(com.google.crypto.tink.proto.JwtEcdsaPrivateKey) JwtEcdsaKeyFormat(com.google.crypto.tink.proto.JwtEcdsaKeyFormat) Theory(org.junit.experimental.theories.Theory)

Example 3 with JwtEcdsaKeyFormat

use of com.google.crypto.tink.proto.JwtEcdsaKeyFormat in project tink by google.

the class JwtEcdsaSignKeyManagerTest method checkTemplate.

/**
 * Asserts that a key template targets this key manager, uses the RAW output prefix and
 * carries a {@link JwtEcdsaKeyFormat} for the expected algorithm.
 *
 * <p>The RAW prefix is asserted unconditionally, so this helper only fits templates that are
 * meant to be RAW.
 *
 * @param template the key template under test
 * @param algorithm the algorithm the template's serialized format must name
 * @throws Exception if the template value cannot be parsed as a {@link JwtEcdsaKeyFormat}
 */
private static void checkTemplate(KeyTemplate template, JwtEcdsaAlgorithm algorithm) throws Exception {
    // The type URL must match what the sign key manager itself reports.
    assertThat(template.getTypeUrl())
        .isEqualTo(new JwtEcdsaSignKeyManager().getKeyType());
    assertThat(template.getOutputPrefixType())
        .isEqualTo(KeyTemplate.OutputPrefixType.RAW);
    // Parse with an empty extension registry so that no protobuf extensions are resolved.
    ExtensionRegistryLite noExtensions = ExtensionRegistryLite.getEmptyRegistry();
    JwtEcdsaKeyFormat parsedFormat = JwtEcdsaKeyFormat.parseFrom(template.getValue(), noExtensions);
    assertThat(parsedFormat.getAlgorithm()).isEqualTo(algorithm);
}
Also used : JwtEcdsaKeyFormat(com.google.crypto.tink.proto.JwtEcdsaKeyFormat)

Example 4 with JwtEcdsaKeyFormat

use of com.google.crypto.tink.proto.JwtEcdsaKeyFormat in project tink by google.

the class JwtEcdsaSignKeyManager method keyFactory.

/**
 * Returns the factory that validates and parses {@link JwtEcdsaKeyFormat} messages and
 * generates fresh {@link JwtEcdsaPrivateKey} messages from them.
 */
@Override
public KeyFactory<JwtEcdsaKeyFormat, JwtEcdsaPrivateKey> keyFactory() {
    return new KeyFactory<JwtEcdsaKeyFormat, JwtEcdsaPrivateKey>(JwtEcdsaKeyFormat.class) {

        /**
         * Validates the algorithm named in the format by delegating to
         * {@code JwtEcdsaVerifyKeyManager.validateEcdsaAlgorithm}.
         *
         * @throws GeneralSecurityException if the delegate rejects the algorithm
         */
        @Override
        public void validateKeyFormat(JwtEcdsaKeyFormat format) throws GeneralSecurityException {
            JwtEcdsaAlgorithm requested = format.getAlgorithm();
            JwtEcdsaVerifyKeyManager.validateEcdsaAlgorithm(requested);
        }

        /**
         * Parses a serialized key format with an empty extension registry, so no protobuf
         * extensions are resolved while reading the bytes.
         *
         * @throws InvalidProtocolBufferException if the bytes are not a valid message
         */
        @Override
        public JwtEcdsaKeyFormat parseKeyFormat(ByteString byteString) throws InvalidProtocolBufferException {
            ExtensionRegistryLite noExtensions = ExtensionRegistryLite.getEmptyRegistry();
            return JwtEcdsaKeyFormat.parseFrom(byteString, noExtensions);
        }

        /** Deterministic key derivation is not offered for this key type; always throws. */
        @Override
        public JwtEcdsaPrivateKey deriveKey(JwtEcdsaKeyFormat format, InputStream inputStream) {
            throw new UnsupportedOperationException();
        }

        /**
         * Generates a new EC key pair on the curve that matches the format's algorithm and
         * packs it into a {@link JwtEcdsaPrivateKey} with its public key embedded.
         *
         * <p>This method does not call {@code validateKeyFormat} itself.
         * NOTE(review): presumably the caller validates first or {@code getCurve} rejects
         * unsupported algorithms; confirm against the caller.
         *
         * @throws GeneralSecurityException if the curve lookup or key generation fails
         */
        @Override
        public JwtEcdsaPrivateKey createKey(JwtEcdsaKeyFormat format) throws GeneralSecurityException {
            JwtEcdsaAlgorithm algorithm = format.getAlgorithm();
            KeyPair generated =
                EllipticCurves.generateKeyPair(JwtEcdsaVerifyKeyManager.getCurve(algorithm));
            ECPublicKey publicPart = (ECPublicKey) generated.getPublic();
            ECPrivateKey privatePart = (ECPrivateKey) generated.getPrivate();
            ECPoint publicPoint = publicPart.getW();

            // BigInteger.toByteArray() yields minimal-length signed big-endian bytes, so the
            // stored coordinates and private scalar can carry a leading 0x00 or be shorter
            // than the curve's field size; readers must not assume a fixed length.
            ByteString xBytes = ByteString.copyFrom(publicPoint.getAffineX().toByteArray());
            ByteString yBytes = ByteString.copyFrom(publicPoint.getAffineY().toByteArray());
            JwtEcdsaPublicKey publicKeyProto =
                JwtEcdsaPublicKey.newBuilder()
                    .setVersion(getVersion())
                    .setAlgorithm(algorithm)
                    .setX(xBytes)
                    .setY(yBytes)
                    .build();

            // The private key message embeds the public key plus the secret scalar S.
            ByteString scalarBytes = ByteString.copyFrom(privatePart.getS().toByteArray());
            return JwtEcdsaPrivateKey.newBuilder()
                .setVersion(getVersion())
                .setPublicKey(publicKeyProto)
                .setKeyValue(scalarBytes)
                .build();
        }

        /**
         * List of default templates to generate tokens with algorithms "ES256", "ES384" or
         * "ES512". Use the template with the "_RAW" suffix if you want to generate tokens
         * without a "kid" header.
         *
         * @return an unmodifiable map from template name to key format
         */
        @Override
        public Map<String, KeyFactory.KeyFormat<JwtEcdsaKeyFormat>> keyFormats() {
            final KeyTemplate.OutputPrefixType raw = KeyTemplate.OutputPrefixType.RAW;
            final KeyTemplate.OutputPrefixType tink = KeyTemplate.OutputPrefixType.TINK;
            Map<String, KeyFactory.KeyFormat<JwtEcdsaKeyFormat>> templates = new HashMap<>();
            templates.put("JWT_ES256_RAW", createKeyFormat(JwtEcdsaAlgorithm.ES256, raw));
            templates.put("JWT_ES256", createKeyFormat(JwtEcdsaAlgorithm.ES256, tink));
            templates.put("JWT_ES384_RAW", createKeyFormat(JwtEcdsaAlgorithm.ES384, raw));
            templates.put("JWT_ES384", createKeyFormat(JwtEcdsaAlgorithm.ES384, tink));
            templates.put("JWT_ES512_RAW", createKeyFormat(JwtEcdsaAlgorithm.ES512, raw));
            templates.put("JWT_ES512", createKeyFormat(JwtEcdsaAlgorithm.ES512, tink));
            // Wrapped so callers cannot add or replace the default templates.
            return Collections.unmodifiableMap(templates);
        }
    };
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) JwtEcdsaPublicKey(com.google.crypto.tink.proto.JwtEcdsaPublicKey) HashMap(java.util.HashMap) ByteString(com.google.protobuf.ByteString) InputStream(java.io.InputStream) ByteString(com.google.protobuf.ByteString) ECPoint(java.security.spec.ECPoint) JwtEcdsaKeyFormat(com.google.crypto.tink.proto.JwtEcdsaKeyFormat) ECPublicKey(java.security.interfaces.ECPublicKey) JwtEcdsaAlgorithm(com.google.crypto.tink.proto.JwtEcdsaAlgorithm) JwtEcdsaKeyFormat(com.google.crypto.tink.proto.JwtEcdsaKeyFormat)

Example 5 with JwtEcdsaKeyFormat

use of com.google.crypto.tink.proto.JwtEcdsaKeyFormat in project tink by google.

the class JwtEcdsaSignKeyManagerTest method validateKeyFormat_ok.

// Note: we use Theory as a parametrized test -- different from what the Theory framework intends.
/**
 * Checks that a key format built for a supported algorithm is accepted by
 * {@code factory.validateKeyFormat}; the test passes when no exception is thrown.
 *
 * @param algorithm the JWT ECDSA algorithm supplied by the "parametersAlgos" data points
 * @throws GeneralSecurityException if the factory rejects the format
 */
@Theory
public void validateKeyFormat_ok(@FromDataPoints("parametersAlgos") JwtEcdsaAlgorithm algorithm) throws GeneralSecurityException {
    // No explicit assertion: rejection would surface as a thrown GeneralSecurityException.
    factory.validateKeyFormat(createKeyFormat(algorithm));
}
Also used : JwtEcdsaKeyFormat(com.google.crypto.tink.proto.JwtEcdsaKeyFormat) Theory(org.junit.experimental.theories.Theory)

Aggregations

JwtEcdsaKeyFormat (com.google.crypto.tink.proto.JwtEcdsaKeyFormat)9 Theory (org.junit.experimental.theories.Theory)7 JwtEcdsaPrivateKey (com.google.crypto.tink.proto.JwtEcdsaPrivateKey)6 JwtEcdsaPublicKey (com.google.crypto.tink.proto.JwtEcdsaPublicKey)5 ByteString (com.google.protobuf.ByteString)3 JwtEcdsaAlgorithm (com.google.crypto.tink.proto.JwtEcdsaAlgorithm)1 InputStream (java.io.InputStream)1 KeyPair (java.security.KeyPair)1 ECPrivateKey (java.security.interfaces.ECPrivateKey)1 ECPublicKey (java.security.interfaces.ECPublicKey)1 ECPoint (java.security.spec.ECPoint)1 HashMap (java.util.HashMap)1 TreeSet (java.util.TreeSet)1