
Example 11 with RSAKey

use of com.nimbusds.jose.jwk.RSAKey in project oxAuth by GluuFederation.

the class CrossEncryptionTest method decryptAndValidateSignatureWithNimbus.

/**
 * Unwraps a nested JWT (a signed JWT carried inside a JWE) with the Nimbus library and
 * asserts that the inner signature and subject are the expected ones.
 * <p>
 * Both keys come from fixtures held by the test class ({@code recipientJwkJson} for
 * decryption, {@code senderJwkJson} for verification). The verification key is therefore
 * chosen by the verifier and not taken from the token being checked.
 *
 * @param jweString compact serialization of the JWE to unwrap
 * @throws ParseException if the JWE, a JWK fixture or the claims cannot be parsed
 * @throws JOSEException if decryption or signature verification fails inside Nimbus
 */
private void decryptAndValidateSignatureWithNimbus(String jweString) throws ParseException, JOSEException {
    // Outer layer: decrypt the JWE with the recipient's RSA private key.
    RSAKey recipientKey = (RSAKey) JWK.parse(recipientJwkJson);
    RSAPrivateKey recipientPrivateKey = recipientKey.toRSAPrivateKey();
    JWEObject encrypted = JWEObject.parse(jweString);
    encrypted.decrypt(new RSADecrypter(recipientPrivateKey));

    // Inner layer: the decrypted payload has to be a signed JWT.
    SignedJWT inner = encrypted.getPayload().toSignedJWT();
    assertNotNull("Payload not a signed JWT", inner);

    // Verify against the sender key the test already holds.
    RSASSAVerifier senderVerifier = new RSASSAVerifier((RSAKey) JWK.parse(senderJwkJson));
    assertTrue(inner.verify(senderVerifier));
    assertEquals("testing", inner.getJWTClaimsSet().getSubject());

    System.out.println("Nimbus decrypt and nested jwt signature verification succeed: "
            + inner.getJWTClaimsSet().toJSONObject());
}
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) RSASSAVerifier(com.nimbusds.jose.crypto.RSASSAVerifier) SignedJWT(com.nimbusds.jwt.SignedJWT) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) JWK(com.nimbusds.jose.jwk.JWK) RSADecrypter(com.nimbusds.jose.crypto.RSADecrypter)

Example 12 with RSAKey

use of com.nimbusds.jose.jwk.RSAKey in project oxAuth by GluuFederation.

the class CrossEncryptionTest method testDecryptNimbusJoseJwt.

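/**
 * Decrypts a compact JWE with Nimbus, using Bouncy Castle as the JCA provider, and
 * reports whether the plaintext is JSON-equal to the {@code PAYLOAD} fixture.
 * <p>
 * Any failure (parsing, decryption, comparison) is reported on stdout and turned into
 * a {@code false} result, so callers can assert on the boolean.
 *
 * @param jwe compact serialization of the encrypted JWT
 * @return {@code true} if decryption succeeds and the payload matches {@code PAYLOAD},
 *         {@code false} otherwise
 */
private boolean testDecryptNimbusJoseJwt(String jwe) {
    try {
        EncryptedJWT encryptedJwt = EncryptedJWT.parse(jwe);
        JWK jwk = JWK.parse(recipientJwkJson);
        RSAPrivateKey rsaPrivateKey = ((RSAKey) jwk).toRSAPrivateKey();
        JWEDecrypter decrypter = new RSADecrypter(rsaPrivateKey);
        // Pin the JCA provider so the result does not depend on the JVM's default provider order.
        decrypter.getJCAContext().setProvider(BouncyCastleProviderSingleton.getInstance());
        encryptedJwt.decrypt(decrypter);
        // Decode with an explicit charset: new String(byte[]) would use the platform
        // default, which is not guaranteed to be UTF-8 on older JVMs.
        final String decryptedPayload = new String(
                Base64Util.base64urldecode(encryptedJwt.getPayload().toString()),
                java.nio.charset.StandardCharsets.UTF_8);
        // The plaintext is printed because it is compared against the PAYLOAD fixture below;
        // real token contents should not be written to stdout like this.
        System.out.println("Nimbusds decrypt succeed: " + decryptedPayload);
        return isJsonEqual(decryptedPayload, PAYLOAD);
    } catch (Exception e) {
        // Deliberately broad: every failure mode maps to a false result for the caller.
        System.out.println("Nimbusds decrypt failed: " + e.getMessage());
        e.printStackTrace();
    }
    return false;
}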
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) EncryptedJWT(com.nimbusds.jwt.EncryptedJWT) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) JSONException(org.json.JSONException) ParseException(java.text.ParseException) InvalidJwtException(org.gluu.oxauth.model.exception.InvalidJwtException) IOException(java.io.IOException) InvalidJweException(org.gluu.oxauth.model.exception.InvalidJweException) JWK(com.nimbusds.jose.jwk.JWK) RSADecrypter(com.nimbusds.jose.crypto.RSADecrypter)

Example 13 with RSAKey

use of com.nimbusds.jose.jwk.RSAKey in project oxAuth by GluuFederation.

the class CrossEncryptionTest method nestedJWTProducedByGluu.

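/**
 * Builds a nested JWT with the Gluu classes (RS256-signed JWT wrapped in an
 * RSA-OAEP / A128GCM JWE) and checks that both the Gluu and the Nimbus code paths
 * can decrypt it and validate the inner signature.
 *
 * @throws Exception if key parsing, signing, encryption or either validation step fails
 */
@Test
public void nestedJWTProducedByGluu() throws Exception {
    AppConfiguration appConfiguration = new AppConfiguration();
    List<JSONWebKey> keyArrayList = new ArrayList<>();
    keyArrayList.add(getSenderWebKey());
    JSONWebKeySet keySet = new JSONWebKeySet();
    keySet.setKeys(keyArrayList);
    // Minimal crypto provider: only sign() does real work, the other operations are stubs.
    // NOTE(review): presumably JwtSigner needs nothing but sign() for this flow - confirm.
    final JwtSigner jwtSigner = new JwtSigner(appConfiguration, keySet, SignatureAlgorithm.RS256, "audience", null, new AbstractCryptoProvider() {

        @Override
        public JSONObject generateKey(Algorithm algorithm, Long expirationTime, Use use) throws Exception {
            return null;
        }

        @Override
        public JSONObject generateKey(Algorithm algorithm, Long expirationTime, Use use, int keyLength) throws Exception {
            return null;
        }

        @Override
        public boolean containsKey(String keyId) {
            return false;
        }

        @Override
        public String sign(String signingInput, String keyId, String sharedSecret, SignatureAlgorithm signatureAlgorithm) throws Exception {
            // keyId and sharedSecret are ignored: the sender fixture key always signs.
            RSAPrivateKey privateKey = ((RSAKey) JWK.parse(senderJwkJson)).toRSAPrivateKey();
            // Requests the provider registered under the name "BC"; getInstance throws
            // NoSuchProviderException if it has not been registered.
            Signature signature = Signature.getInstance(signatureAlgorithm.getAlgorithm(), "BC");
            signature.initSign(privateKey);
            // Encode explicitly as UTF-8 so the signed bytes do not depend on the
            // platform default charset.
            signature.update(signingInput.getBytes(java.nio.charset.StandardCharsets.UTF_8));
            return Base64Util.base64urlencode(signature.sign());
        }

        @Override
        public boolean verifySignature(String signingInput, String encodedSignature, String keyId, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm) throws Exception {
            return false;
        }

        @Override
        public boolean deleteKey(String keyId) throws Exception {
            return false;
        }

        @Override
        public PrivateKey getPrivateKey(String keyId) throws Exception {
            throw new UnsupportedOperationException("Method not implemented.");
        }
    });

    // Inner layer: the signed JWT.
    Jwt jwt = jwtSigner.newJwt();
    jwt.getClaims().setSubjectIdentifier("testing");
    // NOTE(review): the issuer value has no "//" after the scheme; left as in the original
    // fixture - confirm whether that is intended.
    jwt.getClaims().setIssuer("https:devgluu.saminet.local");
    jwt = jwtSigner.sign();

    // Outer layer: encrypt the signed JWT. Only the public half of the recipient key is used.
    RSAKey recipientPublicJWK = (RSAKey) (JWK.parse(recipientJwkJson));
    BlockEncryptionAlgorithm blockEncryptionAlgorithm = BlockEncryptionAlgorithm.A128GCM;
    KeyEncryptionAlgorithm keyEncryptionAlgorithm = KeyEncryptionAlgorithm.RSA_OAEP;
    Jwe jwe = new Jwe();
    jwe.getHeader().setType(JwtType.JWT);
    jwe.getHeader().setAlgorithm(keyEncryptionAlgorithm);
    jwe.getHeader().setEncryptionMethod(blockEncryptionAlgorithm);
    jwe.getHeader().setKeyId("1");
    jwe.setSignedJWTPayload(jwt);
    JweEncrypterImpl encrypter = new JweEncrypterImpl(keyEncryptionAlgorithm, blockEncryptionAlgorithm, recipientPublicJWK.toPublicKey());
    String jweString = encrypter.encrypt(jwe).toString();

    // Cross-check: both implementations must accept the same token.
    decryptAndValidateSignatureWithGluu(jweString);
    decryptAndValidateSignatureWithNimbus(jweString);
}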
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) JSONWebKeySet(org.gluu.oxauth.model.jwk.JSONWebKeySet) ArrayList(java.util.ArrayList) SignatureAlgorithm(org.gluu.oxauth.model.crypto.signature.SignatureAlgorithm) BlockEncryptionAlgorithm(org.gluu.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm) JwtSigner(org.gluu.oxauth.model.token.JwtSigner) AppConfiguration(org.gluu.oxauth.model.configuration.AppConfiguration) Jwe(org.gluu.oxauth.model.jwe.Jwe) AbstractCryptoProvider(org.gluu.oxauth.model.crypto.AbstractCryptoProvider) Use(org.gluu.oxauth.model.jwk.Use) Jwt(org.gluu.oxauth.model.jwt.Jwt) SignatureAlgorithm(org.gluu.oxauth.model.crypto.signature.SignatureAlgorithm) KeyEncryptionAlgorithm(org.gluu.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm) Algorithm(org.gluu.oxauth.model.jwk.Algorithm) BlockEncryptionAlgorithm(org.gluu.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm) JSONException(org.json.JSONException) ParseException(java.text.ParseException) InvalidJwtException(org.gluu.oxauth.model.exception.InvalidJwtException) IOException(java.io.IOException) InvalidJweException(org.gluu.oxauth.model.exception.InvalidJweException) JSONWebKey(org.gluu.oxauth.model.jwk.JSONWebKey) JSONObject(org.json.JSONObject) Signature(java.security.Signature) KeyEncryptionAlgorithm(org.gluu.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm) JweEncrypterImpl(org.gluu.oxauth.model.jwe.JweEncrypterImpl) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Test(org.testng.annotations.Test)

Example 14 with RSAKey

use of com.nimbusds.jose.jwk.RSAKey in project dhis2-core by dhis2.

the class JwtUtils method jwkSource.

/**
 * Creates a {@link JWKSource} backed by a single RSA key obtained from
 * {@code Jwks.generateRsa()}.
 * <p>
 * NOTE(review): every call asks {@code Jwks.generateRsa()} for a key, so two sources
 * from two calls presumably hold different keys; confirm this method is invoked once
 * per application. If the generated key includes its private part, the set held here
 * does too - anything published to clients should be the public-only view of it.
 *
 * @return a source that answers selector queries against the in-memory key set
 */
public JWKSource<SecurityContext> jwkSource() {
    JWKSet keys = new JWKSet(Jwks.generateRsa());
    // The security context argument is not consulted; selection runs on the fixed set.
    return (selector, context) -> selector.select(keys);
}
Also used : SecurityContext(com.nimbusds.jose.proc.SecurityContext) JWKSelector(com.nimbusds.jose.jwk.JWKSelector) URL(java.net.URL) Date(java.util.Date) JOSEException(com.nimbusds.jose.JOSEException) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) JWKSet(com.nimbusds.jose.jwk.JWKSet) JWSSignerFactory(com.nimbusds.jose.produce.JWSSignerFactory) Map(java.util.Map) Base64URL(com.nimbusds.jose.util.Base64URL) Jwt(org.springframework.security.oauth2.jwt.Jwt) Base64(com.nimbusds.jose.util.Base64) Converter(org.springframework.core.convert.converter.Converter) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) DefaultJWSSignerFactory(com.nimbusds.jose.crypto.factories.DefaultJWSSignerFactory) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) Set(java.util.Set) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) UUID(java.util.UUID) Instant(java.time.Instant) Collectors(java.util.stream.Collectors) JWSHeader(com.nimbusds.jose.JWSHeader) SignedJWT(com.nimbusds.jwt.SignedJWT) JWK(com.nimbusds.jose.jwk.JWK) KeySourceException(com.nimbusds.jose.KeySourceException) List(java.util.List) JWSSigner(com.nimbusds.jose.JWSSigner) RSAKey(com.nimbusds.jose.jwk.RSAKey) JSONObject(net.minidev.json.JSONObject) CollectionUtils(org.springframework.util.CollectionUtils) JOSEObjectType(com.nimbusds.jose.JOSEObjectType) JWKMatcher(com.nimbusds.jose.jwk.JWKMatcher) Assert(org.springframework.util.Assert) StringUtils(org.springframework.util.StringUtils) RSAKey(com.nimbusds.jose.jwk.RSAKey) JWKSet(com.nimbusds.jose.jwk.JWKSet)

Example 15 with RSAKey

use of com.nimbusds.jose.jwk.RSAKey in project mycore by MyCoRe-Org.

the class MCRJSONWebTokenUtil method retrievePublicKeyFromAuthenticationToken.

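/**
 * Retrieves the client public key from the authentication token.
 * <p>
 * The token signature is checked against the RSA key carried in the token's own JOSE
 * header. Only when that check succeeds is the {@code sub_jwk} claim parsed and returned.
 * <p>
 * NOTE(review): the verification key is supplied by the token itself, so a successful
 * check shows only that the sender holds the matching private key; it does not identify
 * the sender. This method also does not compare the returned {@code sub_jwk} with the
 * header key. Callers must decide separately whether the returned key is trusted -
 * confirm against the call sites whether the two keys are expected to be identical.
 *
 * @param signedJWT - the authentication token
 * @return the public key as JWK object, or {@code null} if the header carries no RSA key,
 *         the signature does not verify, the {@code sub_jwk} claim is missing, or parsing fails
 */
public static JWK retrievePublicKeyFromAuthenticationToken(SignedJWT signedJWT) {
    try {
        // A missing or non-RSA header key used to surface as an unchecked exception
        // from the cast / verifier constructor; treat it as an invalid token instead.
        JWK headerKey = signedJWT.getHeader().getJWK();
        if (!(headerKey instanceof RSAKey)) {
            LOGGER.error("Authentication token header does not carry an RSA JWK.");
            return null;
        }
        if (!signedJWT.verify(new RSASSAVerifier((RSAKey) headerKey))) {
            return null;
        }
        // Token content is attacker-controlled: an absent claim must not reach JWK.parse.
        if (signedJWT.getJWTClaimsSet().getClaim("sub_jwk") == null) {
            LOGGER.error("Authentication token has no sub_jwk claim.");
            return null;
        }
        return JWK.parse(signedJWT.getJWTClaimsSet().getJSONObjectClaim("sub_jwk"));
    } catch (ParseException | JOSEException e) {
        LOGGER.error(e);
    }
    return null;
}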
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) RSASSAVerifier(com.nimbusds.jose.crypto.RSASSAVerifier) ParseException(java.text.ParseException) JOSEException(com.nimbusds.jose.JOSEException) JWK(com.nimbusds.jose.jwk.JWK)

Aggregations

RSAKey (com.nimbusds.jose.jwk.RSAKey)36 Test (org.junit.jupiter.api.Test)14 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)10 SignedJWT (com.nimbusds.jwt.SignedJWT)9 ParseException (java.text.ParseException)9 RSASSAVerifier (com.nimbusds.jose.crypto.RSASSAVerifier)8 JWK (com.nimbusds.jose.jwk.JWK)8 IOException (java.io.IOException)6 JOSEException (com.nimbusds.jose.JOSEException)5 JWKSelector (com.nimbusds.jose.jwk.JWKSelector)5 SecurityContext (com.nimbusds.jose.proc.SecurityContext)5 InvalidJweException (org.gluu.oxauth.model.exception.InvalidJweException)5 InvalidJwtException (org.gluu.oxauth.model.exception.InvalidJwtException)5 JSONException (org.json.JSONException)5 RSADecrypter (com.nimbusds.jose.crypto.RSADecrypter)4 Base64URL (com.nimbusds.jose.util.Base64URL)4 RSAPublicKey (java.security.interfaces.RSAPublicKey)4 JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm)3 JWSVerifier (com.nimbusds.jose.JWSVerifier)3 RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner)3