use of com.nimbusds.jose.crypto.Ed25519Signer in project conformance-suite by openid-certification.
the class AbstractSignJWT method signJWTUsingKey.
protected Environment signJWTUsingKey(Environment env, JsonObject claims, JWK jwk, String alg) {
if (claims == null) {
throw error("Couldn't find claims");
}
if (jwk == null) {
throw error("A JWK is required for signing");
}
try {
JWTClaimsSet claimSet = JWTClaimsSet.parse(claims.toString());
JWSSigner signer = null;
if (KeyType.RSA.equals(jwk.getKeyType())) {
signer = new RSASSASigner((RSAKey) jwk);
} else if (KeyType.EC.equals(jwk.getKeyType())) {
signer = new ECDSASigner((ECKey) jwk);
} else if (KeyType.OCT.equals(jwk.getKeyType())) {
signer = new MACSigner((OctetSequenceKey) jwk);
} else if (KeyType.OKP.equals(jwk.getKeyType())) {
signer = new Ed25519Signer((OctetKeyPair) jwk);
}
if (signer == null) {
throw error("Couldn't create signer from key; kty must be one of 'oct', 'rsa', 'ec'", args("jwk", jwk.toJSONString()));
}
JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.parse(alg)).keyID(jwk.getKeyID()).build();
String jws = performSigning(header, claims, signer);
String publicKeySetString = (jwk.toPublicJWK() != null ? jwk.toPublicJWK().toString() : null);
JsonObject verifiableObj = new JsonObject();
verifiableObj.addProperty("verifiable_jws", jws);
verifiableObj.addProperty("public_jwk", publicKeySetString);
logSuccessByJWTType(env, claimSet, jwk, header, jws, verifiableObj);
return env;
} catch (ParseException e) {
throw error(e);
} catch (JOSEException e) {
String message = e.getMessage();
if (e.getCause() != null) {
message = message + " (" + e.getCause().getMessage() + ")";
}
throw error("Unable to sign: " + message, e);
}
}
use of com.nimbusds.jose.crypto.Ed25519Signer in project gravitee-access-management by gravitee-io.
the class JWSServiceTest method testValidSignature_OKP.
@Test
public void testValidSignature_OKP() throws JOSEException {
// Generate OKP key
OctetKeyPair okp = new OctetKeyPairGenerator(Curve.Ed25519).generate();
OKPKey key = new OKPKey();
key.setKty("OKP");
key.setKid(KID);
key.setCrv(okp.getCurve().getStdName());
key.setX(okp.getX().toString());
// Sign JWT with Edward Curve algorithm
SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.EdDSA).keyID(KID).build(), new JWTClaimsSet.Builder().expirationTime(Date.from(Instant.now().plus(1, ChronoUnit.DAYS))).build());
signedJWT.sign(new Ed25519Signer(okp));
assertTrue("Should be ok", jwsService.isValidSignature(signedJWT, key));
}
Aggregations