use of io.jans.as.model.crypto.signature.EDDSAPublicKey in project jans by JanssenProject.
the class JwtUtil method getPublicKey.
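/**
 * Builds a public key object from a single JSON Web Key.
 *
 * <p>The key entry is obtained from {@code getJsonKey(jwksUri, jwks, keyId)}. The key
 * material is read from the entry itself, or from its nested {@code PUBLIC_KEY} object
 * when one is present (internal jwks.json layout).
 *
 * <p>Failure handling: every exception raised while reading the entry is caught and
 * logged. If it happens before the key object exists, {@code null} is returned. If it
 * happens while the certificate is parsed, the key is still returned, with its key id
 * and algorithm set but with no certificate attached.
 *
 * @param jwksUri            forwarded to {@code getJsonKey}
 * @param jwks               forwarded to {@code getJsonKey}
 * @param signatureAlgorithm algorithm to build the key for; when {@code null} the value
 *                           of the entry's {@code ALGORITHM} member is used instead
 * @param keyId              forwarded to {@code getJsonKey}
 * @return the key, or {@code null} when no entry is found, the algorithm cannot be
 *         determined, the algorithm family is not RSA/EC/ED, or a required member is
 *         missing or malformed
 */
public static io.jans.as.model.crypto.PublicKey getPublicKey(String jwksUri, String jwks, SignatureAlgorithm signatureAlgorithm, String keyId) {
    JSONObject jsonKeyValue = getJsonKey(jwksUri, jwks, keyId);
    if (jsonKeyValue == null) {
        return null;
    }
    io.jans.as.model.crypto.PublicKey publicKey = null;
    try {
        String resultKeyId = jsonKeyValue.getString(KEY_ID);
        if (signatureAlgorithm == null) {
            // No algorithm supplied by the caller: fall back to the one the key entry declares.
            signatureAlgorithm = SignatureAlgorithm.fromString(jsonKeyValue.getString(ALGORITHM));
            if (signatureAlgorithm == null) {
                log.error(String.format("Failed to determine key '%s' signature algorithm", resultKeyId));
                return null;
            }
        }
        // NOTE(review): a caller-supplied algorithm is never compared with the entry's own
        // ALGORITHM member, so a mismatch between the two goes unnoticed here - confirm that
        // callers check it.
        JSONObject jsonPublicKey = jsonKeyValue;
        if (jsonKeyValue.has(PUBLIC_KEY)) {
            // Use internal jwks.json format
            jsonPublicKey = jsonKeyValue.getJSONObject(PUBLIC_KEY);
        }
        AlgorithmFamily algorithmFamily = signatureAlgorithm.getFamily();
        if (algorithmFamily == AlgorithmFamily.RSA) {
            String exp = jsonPublicKey.getString(EXPONENT);
            String mod = jsonPublicKey.getString(MODULUS);
            // Signum 1: the decoded bytes are an unsigned big-endian magnitude.
            BigInteger publicExponent = new BigInteger(1, Base64Util.base64urldecode(exp));
            BigInteger modulus = new BigInteger(1, Base64Util.base64urldecode(mod));
            publicKey = new RSAPublicKey(modulus, publicExponent);
        } else if (algorithmFamily == AlgorithmFamily.EC) {
            String xx = jsonPublicKey.getString(X);
            String yy = jsonPublicKey.getString(Y);
            BigInteger x = new BigInteger(1, Base64Util.base64urldecode(xx));
            BigInteger y = new BigInteger(1, Base64Util.base64urldecode(yy));
            publicKey = new ECDSAPublicKey(signatureAlgorithm, x, y);
        } else if (algorithmFamily == AlgorithmFamily.ED) {
            String xx = jsonPublicKey.getString(X);
            // NOTE(review): the BigInteger round trip is not byte-preserving. toByteArray()
            // drops leading zero bytes and prepends 0x00 when the top bit is set, so the
            // array handed to EDDSAPublicKey can differ from the decoded X value. Confirm
            // which byte layout EDDSAPublicKey expects before changing this.
            BigInteger x = new BigInteger(1, Base64Util.base64urldecode(xx));
            publicKey = new EDDSAPublicKey(signatureAlgorithm, x.toByteArray());
        } else {
            // Caught by the handler below, so the caller sees a log entry and a null result.
            throw new InvalidParameterException("Wrong value of the AlgorithmFamily: algorithmFamily = " + algorithmFamily);
        }
        // Identify the key before the certificate is parsed, so that a parse failure
        // cannot leave the returned key without its key id and algorithm.
        publicKey.setKeyId(resultKeyId);
        publicKey.setSignatureAlgorithm(signatureAlgorithm);
        if (jsonKeyValue.has(CERTIFICATE_CHAIN)) {
            final String BEGIN = "-----BEGIN CERTIFICATE-----";
            final String END = "-----END CERTIFICATE-----";
            JSONArray certChain = jsonKeyValue.getJSONArray(CERTIFICATE_CHAIN);
            // Only the first chain entry is read; it is wrapped in PEM armour for the parser.
            // NOTE(review): nothing here checks that this certificate carries the same key
            // as the one built above, or that the chain leads to a trusted issuer. Treat the
            // attached certificate as unverified unless a caller validates it.
            String certificateString = BEGIN + "\n" + certChain.getString(0) + "\n" + END;
            // try-with-resources closes the parser (and the reader it wraps) on every path.
            try (PEMParser pemReader = new PEMParser(new StringReader(certificateString))) {
                // NOTE(review): confirm that readObject() yields an X509CertificateObject
                // with the parser version in use; a failed cast ends up in the handler below.
                X509Certificate cert = (X509CertificateObject) pemReader.readObject();
                io.jans.as.model.crypto.Certificate certificate = new Certificate(signatureAlgorithm, cert);
                publicKey.setCertificate(certificate);
            }
        }
    } catch (Exception ex) {
        log.error(ex.getMessage(), ex);
    }
    return publicKey;
}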
use of io.jans.as.model.crypto.signature.EDDSAPublicKey in project jans by JanssenProject.
the class Certificate method getPublicKey.
/**
 * Converts the public key of the wrapped X.509 certificate into the matching
 * project key type.
 *
 * <p>The key is recognised by its concrete class: {@code BCRSAPublicKey},
 * {@code BCECPublicKey} or {@code BCEdDSAPublicKey}. A key of any other class,
 * including one of the same algorithm produced by a different provider, is not
 * converted. For EC and EdDSA keys the {@code signatureAlgorithm} field of this
 * object is passed to the new key as is.
 *
 * @return the converted key, or {@code null} when no certificate is set or the
 *         certificate's key is of none of the three classes above
 */
public PublicKey getPublicKey() {
    if (x509Certificate == null) {
        return null;
    }
    // Fully qualified because the simple name PublicKey is the return type used in this class.
    final java.security.PublicKey certKey = x509Certificate.getPublicKey();
    if (certKey instanceof BCRSAPublicKey) {
        final BCRSAPublicKey rsaKey = (BCRSAPublicKey) certKey;
        return new RSAPublicKey(rsaKey.getModulus(), rsaKey.getPublicExponent());
    }
    if (certKey instanceof BCECPublicKey) {
        final BCECPublicKey ecKey = (BCECPublicKey) certKey;
        // The affine coordinates of the public point Q become the key's x and y.
        return new ECDSAPublicKey(
                signatureAlgorithm,
                ecKey.getQ().getXCoord().toBigInteger(),
                ecKey.getQ().getYCoord().toBigInteger());
    }
    if (certKey instanceof BCEdDSAPublicKey) {
        final BCEdDSAPublicKey edKey = (BCEdDSAPublicKey) certKey;
        // The key's encoded form (getEncoded()) is stored, not a bare coordinate.
        return new EDDSAPublicKey(signatureAlgorithm, edKey.getEncoded());
    }
    return null;
}
use of io.jans.as.model.crypto.signature.EDDSAPublicKey in project jans by JanssenProject.
the class Certificate method getEddsaPublicKey.
/**
 * Extracts the EdDSA public key of the wrapped X.509 certificate.
 *
 * <p>The new key receives this object's {@code signatureAlgorithm} field and the
 * bytes returned by the certificate key's {@code getEncoded()}.
 *
 * @return the EdDSA key, or {@code null} when no certificate is set or its public
 *         key is not a {@code BCEdDSAPublicKey}
 */
public EDDSAPublicKey getEddsaPublicKey() {
    if (x509Certificate == null) {
        return null;
    }
    if (!(x509Certificate.getPublicKey() instanceof BCEdDSAPublicKey)) {
        // Keys of any other class are reported as absent rather than as an error.
        return null;
    }
    final BCEdDSAPublicKey edKey = (BCEdDSAPublicKey) x509Certificate.getPublicKey();
    return new EDDSAPublicKey(signatureAlgorithm, edKey.getEncoded());
}