use of java.security.interfaces.RSAPublicKey in project spring-security by spring-projects.
the class NimbusJwtDecoderTests method decodeWhenUsingPublicKeyWithKidThenStillUsesKey.
// gh-7049
@Test
public void decodeWhenUsingPublicKeyWithKidThenStillUsesKey() throws Exception {
    // The token is signed with the private half of the test key pair and its header
    // names a key id ("one"), while the decoder below is configured with exactly one
    // verification key and no key-id lookup.
    RSAPrivateKey signingKey = TestKeys.DEFAULT_PRIVATE_KEY;
    Date expiresAt = Date.from(Instant.now().plusSeconds(60));
    // @formatter:off
    JWSHeader headerWithKid = new JWSHeader.Builder(JWSAlgorithm.RS256)
            .keyID("one")
            .build();
    JWTClaimsSet claims = new JWTClaimsSet.Builder()
            .subject("test-subject")
            .expirationTime(expiresAt)
            .build();
    // @formatter:on
    String token = signedJwt(signingKey, headerWithKid, claims).serialize();

    RSAPublicKey verificationKey = TestKeys.DEFAULT_PUBLIC_KEY;
    // @formatter:off
    NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withPublicKey(verificationKey)
            .signatureAlgorithm(SignatureAlgorithm.RS256)
            .build();
    // @formatter:on

    // Decoding succeeds only if the signature verifies against the configured key;
    // the subject check confirms the claims came through intact.
    Jwt decoded = jwtDecoder.decode(token);
    assertThat(decoded).extracting(Jwt::getSubject).isEqualTo("test-subject");
}
use of java.security.interfaces.RSAPublicKey in project spring-security by spring-projects.
the class NimbusReactiveJwtDecoderTests method decodeWhenRSAPublicKeyThenSuccess.
@Test
public void decodeWhenRSAPublicKeyThenSuccess() throws Exception {
    // Base64 of the X.509-encoded RSA public key used to verify the fixture token.
    String encodedKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL48v1clgFw+Evm145pmh8nRYiNt72Gupsshn7Qs8dxEydCRp1DPOV/PahPk1y2nvldBNIhfNL13JOAiJ6BTiF+2ICuICAhDArLMnTH61oL1Hepq8W1xpa9gxsnL1P51thvfmiiT4RTW57koy4xIWmIp8ZXXfYgdH2uHJ9R0CQBuYKe7nEOObjxCFWC8S30huOfW2cYtv0iB23h6w5z2fDLjddX6v/FXM7ktcokgpm3/XmvT/+bL6/GGwz9k6kJOyMTubecr+WT//le8ikY66zlplYXRQh6roFfFCL21Pt8xN5zrk+0AMZUnmi8F2S2ztSBmAVJ7H71ELXsURBVZpwIDAQAB";
    X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(encodedKey));
    KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
    RSAPublicKey publicKey = (RSAPublicKey) rsaFactory.generatePublic(keySpec);

    // The decoder is built from this single key, so it has no key set to select from.
    this.decoder = new NimbusReactiveJwtDecoder(publicKey);

    // Pre-signed compact JWS fixture; per its name, the header carries no key id.
    String noKeyId = "eyJhbGciOiJSUzI1NiJ9.eyJzY29wZSI6IiIsImV4cCI6OTIyMzM3MjAwNjA5NjM3NX0.hNVuHSUkxdLZrDfqdmKcOi0ggmNaDuB4ZPxPtJl1gwBiXzIGN6Hwl24O2BfBZiHFKUTQDs4_RvzD71mEG3DvUrcKmdYWqIB1l8KNmxQLUDG-cAPIpJmRJgCh50tf8OhOE_Cb9E1HcsOUb47kT9iz-VayNBcmo6BmyZLdEGhsdGBrc3Mkz2dd_0PF38I2Hf_cuSjn9gBjFGtiPEXJvob3PEjVTSx_zvodT8D9p3An1R3YBZf5JSd1cQisrXgDX2k1Jmf7UKKWzgfyCgnEtRWWbsUdPqo3rSEY9GDC1iSQXsFTTC1FT_JJDkwzGf011fsU5O_Ko28TARibmKTCxAKNRQ";

    // There is no assertion on the decoded value: the test passes when decode(...)
    // completes without signalling an error.
    this.decoder.decode(noKeyId).block();
}
use of java.security.interfaces.RSAPublicKey in project spring-security by spring-projects.
the class RsaKeyConvertersTests method x509WhenConvertingX509CertificateThenOk.
@Test
public void x509WhenConvertingX509CertificateThenOk() {
    // Convert the fixture certificate into its RSA public key.
    RSAPublicKey converted = this.x509.convert(toInputStream(X509_CERTIFICATE));
    int modulusBits = converted.getModulus().bitLength();
    // 1024 bits is simply the size of the key inside the X509_CERTIFICATE fixture;
    // the assertion pins the fixture, it is not a recommended production key size.
    Assertions.assertThat(modulusBits).isEqualTo(1024);
}
use of java.security.interfaces.RSAPublicKey in project oxAuth by GluuFederation.
the class OxAuthCryptoProvider method generateKey.
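/**
 * Generates a new RSA or EC key pair, stores the private key with a self-generated
 * certificate in the key store, persists the key store to {@code keyStoreFile}, and
 * returns the public part of the key as a JWK-style JSON object.
 *
 * <p>The returned object contains only public material: key type, key id, use,
 * algorithm, expiration time, the RSA modulus/exponent or the EC curve and point
 * coordinates, and the certificate chain. The private key is written only to the
 * key store, protected with {@code keyStoreSecret}.
 *
 * @param algorithm      algorithm to generate a key for; must not be {@code null}
 * @param expirationTime expiration value passed to the certificate generator and
 *                       echoed in the returned JSON
 * @param use            intended key use; its parameter name is put into the JSON
 * @param keyLength      key size passed to the RSA generator; not used for EC keys,
 *                       where the curve of the signature algorithm decides the size
 * @return JSON object describing the public key and its certificate chain
 * @throws RuntimeException if {@code algorithm} is {@code null} or its family is
 *                          neither RSA nor EC
 * @throws Exception        on key generation, certificate, key store or I/O failure
 */
@Override
public JSONObject generateKey(Algorithm algorithm, Long expirationTime, Use use, int keyLength) throws Exception {
    // Validate before the first dereference. Previously algorithm.getParamName() ran
    // ahead of this check, so a null argument failed with a bare NullPointerException
    // and the descriptive error below was unreachable.
    if (algorithm == null) {
        throw new RuntimeException("The signature algorithm parameter cannot be null");
    }

    SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.fromString(algorithm.getParamName());
    if (signatureAlgorithm == null) {
        // NOTE(review): this fallback also applies when the family is EC; RS256
        // presumably has no curve, in which case the EC branch below would fail on
        // getCurve(). Confirm whether an EC algorithm can reach this path.
        signatureAlgorithm = SignatureAlgorithm.RS256;
    }

    KeyPairGenerator keyGen;
    if (AlgorithmFamily.RSA.equals(algorithm.getFamily())) {
        keyGen = KeyPairGenerator.getInstance(algorithm.getFamily().toString(), "BC");
        // NOTE(review): keyLength is passed through as given; no minimum RSA size
        // is enforced in this method, so callers decide the strength of the key.
        keyGen.initialize(keyLength, new SecureRandom());
    } else if (AlgorithmFamily.EC.equals(algorithm.getFamily())) {
        ECGenParameterSpec eccgen = new ECGenParameterSpec(signatureAlgorithm.getCurve().getAlias());
        keyGen = KeyPairGenerator.getInstance(algorithm.getFamily().toString(), "BC");
        keyGen.initialize(eccgen, new SecureRandom());
    } else {
        throw new RuntimeException("The provided signature algorithm parameter is not supported");
    }

    // Generate the key
    KeyPair keyPair = keyGen.generateKeyPair();
    java.security.PrivateKey pk = keyPair.getPrivate();

    // Java API requires a certificate chain
    X509Certificate cert = generateV3Certificate(keyPair, dnName, signatureAlgorithm.getAlgorithm(), expirationTime);
    X509Certificate[] chain = new X509Certificate[] { cert };

    String alias = UUID.randomUUID().toString() + getKidSuffix(use, algorithm);
    keyStore.setKeyEntry(alias, pk, keyStoreSecret.toCharArray(), chain);

    // Rotation: the new entry is added first, then the entry the helper selects as
    // superseded for this algorithm and use is removed.
    final String oldAliasByAlgorithm = getAliasByAlgorithmForDeletion(algorithm, alias, use);
    if (StringUtils.isNotBlank(oldAliasByAlgorithm)) {
        keyStore.deleteEntry(oldAliasByAlgorithm);
        LOG.trace("New key: " + alias + ", deleted key: " + oldAliasByAlgorithm);
    }

    // try-with-resources closes the stream even when store(...) throws; the stream
    // was previously never closed, leaking a file handle on every call.
    try (FileOutputStream stream = new FileOutputStream(keyStoreFile)) {
        keyStore.store(stream, keyStoreSecret.toCharArray());
    }

    // Only public parameters go into the returned JSON.
    PublicKey publicKey = keyPair.getPublic();

    JSONObject jsonObject = new JSONObject();
    jsonObject.put(KEY_TYPE, algorithm.getFamily());
    jsonObject.put(KEY_ID, alias);
    jsonObject.put(KEY_USE, use.getParamName());
    jsonObject.put(ALGORITHM, algorithm.getParamName());
    jsonObject.put(EXPIRATION_TIME, expirationTime);
    if (publicKey instanceof RSAPublicKey) {
        RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
        jsonObject.put(MODULUS, Base64Util.base64urlencodeUnsignedBigInt(rsaPublicKey.getModulus()));
        jsonObject.put(EXPONENT, Base64Util.base64urlencodeUnsignedBigInt(rsaPublicKey.getPublicExponent()));
    } else if (publicKey instanceof ECPublicKey) {
        ECPublicKey ecPublicKey = (ECPublicKey) publicKey;
        jsonObject.put(CURVE, signatureAlgorithm.getCurve().getName());
        jsonObject.put(X, Base64Util.base64urlencodeUnsignedBigInt(ecPublicKey.getW().getAffineX()));
        jsonObject.put(Y, Base64Util.base64urlencodeUnsignedBigInt(ecPublicKey.getW().getAffineY()));
    }

    JSONArray x5c = new JSONArray();
    x5c.put(Base64.encodeBase64String(cert.getEncoded()));
    jsonObject.put(CERTIFICATE_CHAIN, x5c);

    return jsonObject;
}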
use of java.security.interfaces.RSAPublicKey in project jadx by skylot.
the class CertificateManager method generateRSAPublicKey.
/**
 * Renders the certificate's RSA public key as labelled text lines: algorithm name,
 * public exponent (decimal), modulus size in binary digits, and modulus (decimal).
 *
 * @return the formatted description built through {@code append}
 * @throws ClassCastException if the certificate's public key is not an RSA key
 */
String generateRSAPublicKey() {
    // Unchecked cast: this method assumes the certificate carries an RSA key.
    RSAPublicKey rsaKey = (RSAPublicKey) cert.getPublicKey();

    String exponentDecimal = rsaKey.getPublicExponent().toString(10);
    // The size is reported as the number of digits in the modulus' binary form.
    String modulusSize = Integer.toString(rsaKey.getModulus().toString(2).length());
    String modulusDecimal = rsaKey.getModulus().toString(10);

    StringBuilder text = new StringBuilder();
    append(text, NLS.str("certificate.serialPubKeyType"), rsaKey.getAlgorithm());
    append(text, NLS.str("certificate.serialPubKeyExponent"), exponentDecimal);
    append(text, NLS.str("certificate.serialPubKeyModulusSize"), modulusSize);
    append(text, NLS.str("certificate.serialPubKeyModulus"), modulusDecimal);
    return text.toString();
}