
Example 1 with Ed25519Signer

Use of com.nimbusds.jose.crypto.Ed25519Signer in project conformance-suite by openid-certification.

In the class AbstractSignJWT, method signJWTUsingKey.

protected Environment signJWTUsingKey(Environment env, JsonObject claims, JWK jwk, String alg) {
    if (claims == null) {
        throw error("Couldn't find claims");
    }
    if (jwk == null) {
        throw error("A JWK is required for signing");
    }
    try {
        JWTClaimsSet claimSet = JWTClaimsSet.parse(claims.toString());
        // Select the signer implementation from the JWK key type (kty)
        JWSSigner signer = null;
        if (KeyType.RSA.equals(jwk.getKeyType())) {
            signer = new RSASSASigner((RSAKey) jwk);
        } else if (KeyType.EC.equals(jwk.getKeyType())) {
            signer = new ECDSASigner((ECKey) jwk);
        } else if (KeyType.OCT.equals(jwk.getKeyType())) {
            signer = new MACSigner((OctetSequenceKey) jwk);
        } else if (KeyType.OKP.equals(jwk.getKeyType())) {
            // Ed25519Signer accepts only OKP keys with crv=Ed25519; any other
            // curve raises a JOSEException, which is handled below
            signer = new Ed25519Signer((OctetKeyPair) jwk);
        }
        if (signer == null) {
            throw error("Couldn't create signer from key; kty must be one of 'oct', 'rsa', 'ec', 'okp'", args("jwk", jwk.toJSONString()));
        }
        JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.parse(alg)).keyID(jwk.getKeyID()).build();
        String jws = performSigning(header, claims, signer);
        String publicKeySetString = (jwk.toPublicJWK() != null ? jwk.toPublicJWK().toString() : null);
        JsonObject verifiableObj = new JsonObject();
        verifiableObj.addProperty("verifiable_jws", jws);
        verifiableObj.addProperty("public_jwk", publicKeySetString);
        logSuccessByJWTType(env, claimSet, jwk, header, jws, verifiableObj);
        return env;
    } catch (ParseException e) {
        throw error(e);
    } catch (JOSEException e) {
        String message = e.getMessage();
        if (e.getCause() != null) {
            message = message + " (" + e.getCause().getMessage() + ")";
        }
        throw error("Unable to sign: " + message, e);
    }
}
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) MACSigner(com.nimbusds.jose.crypto.MACSigner) ECDSASigner(com.nimbusds.jose.crypto.ECDSASigner) JsonObject(com.google.gson.JsonObject) Ed25519Signer(com.nimbusds.jose.crypto.Ed25519Signer) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) OctetSequenceKey(com.nimbusds.jose.jwk.OctetSequenceKey) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) ParseException(java.text.ParseException) JWSSigner(com.nimbusds.jose.JWSSigner) JOSEException(com.nimbusds.jose.JOSEException) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 2 with Ed25519Signer

Use of com.nimbusds.jose.crypto.Ed25519Signer in project gravitee-access-management by gravitee-io.

In the class JWSServiceTest, method testValidSignature_OKP.

@Test
public void testValidSignature_OKP() throws JOSEException {
    // Generate an Ed25519 octet key pair (OKP)
    OctetKeyPair okp = new OctetKeyPairGenerator(Curve.Ed25519).generate();
    // Build the key model used for verification from the public parameters only
    OKPKey key = new OKPKey();
    key.setKty("OKP");
    key.setKid(KID);
    key.setCrv(okp.getCurve().getStdName());
    key.setX(okp.getX().toString());
    // Sign the JWT with the Edwards-curve algorithm (EdDSA)
    SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.EdDSA).keyID(KID).build(), new JWTClaimsSet.Builder().expirationTime(Date.from(Instant.now().plus(1, ChronoUnit.DAYS))).build());
    signedJWT.sign(new Ed25519Signer(okp));
    assertTrue("Should be ok", jwsService.isValidSignature(signedJWT, key));
}
Also used : Ed25519Signer(com.nimbusds.jose.crypto.Ed25519Signer) OctetKeyPair(com.nimbusds.jose.jwk.OctetKeyPair) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) SignedJWT(com.nimbusds.jwt.SignedJWT) OKPKey(io.gravitee.am.model.jose.OKPKey) JWSHeader(com.nimbusds.jose.JWSHeader) OctetKeyPairGenerator(com.nimbusds.jose.jwk.gen.OctetKeyPairGenerator) Test(org.junit.Test)
