use of com.nimbusds.jose.jwk.gen.OctetKeyPairGenerator in project gravitee-access-management by gravitee-io.
the class JWEEdwardCurveTest method encryptIdToken.
/**
 * Round-trip check for {@code jweService.encryptIdToken}: the emitted JWE must decrypt, with the
 * private half of a freshly generated X25519 pair, back to the payload that was passed in.
 *
 * <p>The {@code OKPKey} returned by the stubbed {@code jwkService.filter} carries only the key id,
 * the use, the curve name and the public {@code x} coordinate. The private part of the pair is
 * only handed to {@code X25519Decrypter} inside this test.
 *
 * <p>{@code alg} and {@code enc} are defined outside this method.
 */
@Test
public void encryptIdToken() {
    try {
        final OctetKeyPair recipientPair = new OctetKeyPairGenerator(Curve.X25519).generate();

        // Public-only view of the pair: this is what the service encrypts to.
        final String curveName = recipientPair.getCurve().getName();
        final String publicX = recipientPair.getX().toString();
        OKPKey publicEncKey = new OKPKey();
        publicEncKey.setKid("okpEnc");
        publicEncKey.setUse("enc");
        publicEncKey.setCrv(curveName);
        publicEncKey.setX(publicX);

        Client client = new Client();
        client.setIdTokenEncryptedResponseAlg(alg);
        client.setIdTokenEncryptedResponseEnc(enc);

        // The key set content is irrelevant here because filter(...) is stubbed to return the key.
        when(jwkService.getKeys(client)).thenReturn(Maybe.just(new JWKSet()));
        when(jwkService.filter(any(), any())).thenReturn(Maybe.just(publicEncKey));

        TestObserver observer = jweService.encryptIdToken("JWT", client).test();
        observer.assertNoErrors();
        observer.assertComplete();
        observer.assertValue(emitted -> {
            JWEObject parsed = JWEObject.parse((String) emitted);
            try {
                parsed.decrypt(new X25519Decrypter(recipientPair));
            } catch (JOSEException e) {
                // fail(...) is expected to throw; the return keeps the lambda well-typed.
                fail(e.getMessage());
                return false;
            }
            // Decryption succeeded: the plaintext must be exactly what was encrypted.
            return "JWT".equals(parsed.getPayload().toString());
        });
    } catch (JOSEException e) {
        fail(e.getMessage());
    }
}
use of com.nimbusds.jose.jwk.gen.OctetKeyPairGenerator in project gravitee-access-management by gravitee-io.
the class JWEEdwardCurveTest method encryptUserinfo.
/**
 * Round-trip check for {@code jweService.encryptUserinfo}: the emitted JWE must decrypt, with the
 * private half of a freshly generated X25519 pair, back to the payload that was passed in.
 *
 * <p>Only the public {@code x} coordinate and the curve name of the pair are copied into the
 * {@code OKPKey} that the stubbed {@code jwkService.filter} returns. The private part is used
 * solely by {@code X25519Decrypter} in the assertion.
 *
 * <p>{@code alg} and {@code enc} are defined outside this method.
 */
@Test
public void encryptUserinfo() {
    try {
        final OctetKeyPair recipientPair = new OctetKeyPairGenerator(Curve.X25519).generate();

        // Build the public encryption key the service will be given.
        final String curveName = recipientPair.getCurve().getName();
        final String publicX = recipientPair.getX().toString();
        OKPKey publicEncKey = new OKPKey();
        publicEncKey.setKid("okpEnc");
        publicEncKey.setUse("enc");
        publicEncKey.setCrv(curveName);
        publicEncKey.setX(publicX);

        Client client = new Client();
        client.setUserinfoEncryptedResponseAlg(alg);
        client.setUserinfoEncryptedResponseEnc(enc);

        // filter(...) is stubbed for any arguments, so the empty JWKSet is never inspected.
        when(jwkService.getKeys(client)).thenReturn(Maybe.just(new JWKSet()));
        when(jwkService.filter(any(), any())).thenReturn(Maybe.just(publicEncKey));

        TestObserver observer = jweService.encryptUserinfo("JWT", client).test();
        observer.assertNoErrors();
        observer.assertComplete();
        observer.assertValue(emitted -> {
            JWEObject parsed = JWEObject.parse((String) emitted);
            try {
                parsed.decrypt(new X25519Decrypter(recipientPair));
            } catch (JOSEException e) {
                // fail(...) is expected to throw; the return keeps the lambda well-typed.
                fail(e.getMessage());
                return false;
            }
            // Decryption succeeded: the plaintext must be exactly what was encrypted.
            return "JWT".equals(parsed.getPayload().toString());
        });
    } catch (JOSEException e) {
        fail(e.getMessage());
    }
}
use of com.nimbusds.jose.jwk.gen.OctetKeyPairGenerator in project gravitee-access-management by gravitee-io.
the class JWSServiceTest method testValidSignature_OKP.
/**
 * Verifies that {@code jwsService.isValidSignature} accepts a JWT signed with EdDSA when it is
 * given the public Ed25519 key that matches the signer.
 *
 * <p>This method exercises the accepting path only. It does not check that a JWT signed by a
 * different key, or one altered after signing, is rejected.
 *
 * @throws JOSEException if key generation or signing fails
 */
@Test
public void testValidSignature_OKP() throws JOSEException {
    // Fresh Ed25519 pair: the private half signs, only the public x goes into the OKPKey.
    final OctetKeyPair signingPair = new OctetKeyPairGenerator(Curve.Ed25519).generate();

    final OKPKey verificationKey = new OKPKey();
    verificationKey.setKty("OKP");
    verificationKey.setKid(KID);
    verificationKey.setCrv(signingPair.getCurve().getStdName());
    verificationKey.setX(signingPair.getX().toString());

    // Header names the same key id as the verification key; the only claim is an expiry one day out.
    final JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.EdDSA).keyID(KID).build();
    final Date expiresAt = Date.from(Instant.now().plus(1, ChronoUnit.DAYS));
    final JWTClaimsSet claims = new JWTClaimsSet.Builder().expirationTime(expiresAt).build();

    final SignedJWT signedJWT = new SignedJWT(header, claims);
    signedJWT.sign(new Ed25519Signer(signingPair));

    assertTrue("Should be ok", jwsService.isValidSignature(signedJWT, verificationKey));
}
use of com.nimbusds.jose.jwk.gen.OctetKeyPairGenerator in project conformance-suite by openid-certification.
the class OIDCCGenerateServerJWKs method createKeys.
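/**
 * Generates {@code keyCount} JWKs of the requested type and records them in this object's key
 * collections.
 *
 * <p>Every generated key is added to {@code allGeneratedKeys}. Keys generated with
 * {@code KeyUse.ENCRYPTION} are also added to {@code encryptionKeysToBeUsed}. With
 * {@code KeyUse.SIGNATURE}, only the key at the index returned by
 * {@code getIndexOfKeyToUse(keyCount)} is added to {@code signingKeyToBeUsed}.
 *
 * @param keyCount number of keys to generate; values below 1 generate nothing
 * @param keyType EC, RSA or OKP
 * @param keyUse if null keys won't have use, and are recorded only in {@code allGeneratedKeys}
 * @param algorithm if null keys won't have alg
 * @param curveForECKeys curve for EC keys only; RSA keys use {@code rsaKeySize} and OKP keys use
 *     {@code edCurve}
 * @throws JOSEException if key generation fails
 * @throws IllegalArgumentException if {@code keyType} is not EC, RSA or OKP
 */
protected void createKeys(int keyCount, KeyType keyType, KeyUse keyUse, Algorithm algorithm, Curve curveForECKeys) throws JOSEException {
    if (keyCount < 1) {
        return;
    }
    int whichKeyToUse = getIndexOfKeyToUse(keyCount);
    for (int i = 0; i < keyCount; i++) {
        final JWKGenerator<? extends JWK> jwkGenerator;
        if (KeyType.EC.equals(keyType)) {
            jwkGenerator = new ECKeyGenerator(curveForECKeys);
        } else if (KeyType.RSA.equals(keyType)) {
            jwkGenerator = new RSAKeyGenerator(rsaKeySize);
        } else if (KeyType.OKP.equals(keyType)) {
            jwkGenerator = new OctetKeyPairGenerator(edCurve);
        } else {
            // Previously this fell through with a null generator and failed later with a
            // NullPointerException; reject the unsupported type explicitly instead.
            throw new IllegalArgumentException("Unsupported key type: " + keyType);
        }
        if (keyUse != null) {
            jwkGenerator.keyUse(keyUse);
        }
        if (generateKids) {
            jwkGenerator.keyID(UUID.randomUUID().toString());
        }
        if (algorithm != null) {
            jwkGenerator.algorithm(algorithm);
        }
        JWK generatedJWK = jwkGenerator.generate();
        allGeneratedKeys.add(generatedJWK);
        // Constant-first equals: keyUse is documented as nullable, and calling
        // keyUse.equals(...) would throw for keys generated without a use.
        if (KeyUse.ENCRYPTION.equals(keyUse)) {
            encryptionKeysToBeUsed.add(generatedJWK);
        }
        if (i == whichKeyToUse && KeyUse.SIGNATURE.equals(keyUse)) {
            signingKeyToBeUsed.add(generatedJWK);
        }
    }
}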