use of java.security.interfaces.RSAPublicKey in project qpid-broker-j by apache.
the class NonJavaKeyStoreImpl method validateKeyStoreAttributes.
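/**
 * Verifies that the key material referenced by a non-Java key store is readable and,
 * for RSA key pairs, that the private key belongs to the first (leaf) certificate.
 *
 * <p>The private key, the certificate(s) and, when configured, the intermediate
 * certificate(s) are all loaded from their URLs, so an unreadable or unparsable
 * resource is reported as a configuration error.
 *
 * @param keyStore the key store whose private-key, certificate and optional
 *                 intermediate-certificate URLs are validated
 * @throws IllegalConfigurationException if any resource cannot be read, if the certificate
 *         URL yields no certificate, or if an RSA private key does not match the leaf
 *         certificate
 */
private void validateKeyStoreAttributes(NonJavaKeyStore<?> keyStore) {
    try {
        final PrivateKey privateKey = SSLUtil.readPrivateKey(getUrlFromString(keyStore.getPrivateKeyUrl()));
        final X509Certificate[] certs = SSLUtil.readCertificates(getUrlFromString(keyStore.getCertificateUrl()));

        // Without this guard an empty certificate file surfaces as an
        // ArrayIndexOutOfBoundsException on certs[0], which the catch below does not
        // translate into a configuration error.
        if (certs == null || certs.length == 0) {
            throw new IllegalConfigurationException("Certificate URL does not contain any certificate");
        }

        if (keyStore.getIntermediateCertificateUrl() != null) {
            // Loaded only to confirm the intermediates can be read and parsed; the
            // key/certificate match below uses the leaf certificate alone.
            SSLUtil.readCertificates(getUrlFromString(keyStore.getIntermediateCertificateUrl()));
        }

        final PublicKey publicKey = certs[0].getPublicKey();

        // NOTE(review): only RSA pairs are cross-checked, and only by modulus. Any other
        // key type (for example EC), or a mixed pair, passes this method without a match
        // check - confirm whether that is covered elsewhere.
        if (privateKey instanceof RSAPrivateKey && publicKey instanceof RSAPublicKey) {
            final BigInteger privateModulus = ((RSAPrivateKey) privateKey).getModulus();
            final BigInteger publicModulus = ((RSAPublicKey) publicKey).getModulus();
            if (!Objects.equals(privateModulus, publicModulus)) {
                throw new IllegalConfigurationException("Private key does not match certificate");
            }
        }
    } catch (IOException | GeneralSecurityException e) {
        throw new IllegalConfigurationException("Cannot validate private key or certificate(s):" + e, e);
    }
}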
use of java.security.interfaces.RSAPublicKey in project carbon-apimgt by wso2.
the class JWTValidatorImpl method validateSignature.
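/**
 * Verifies the signature of a signed JWT with the key configured for the token issuer.
 *
 * <p>Key selection, in order:
 * <ol>
 *   <li>token carries a {@code kid} and the issuer has an enabled JWKS endpoint: the key
 *       with that id from the (cached) JWK set; only RSA keys are accepted;</li>
 *   <li>token carries a {@code kid} and the issuer has a certificate: that certificate's
 *       RSA public key;</li>
 *   <li>token carries a {@code kid} only: the {@code kid} is passed to
 *       {@code JWTUtil.verifyTokenSignature} in place of a key;</li>
 *   <li>otherwise: the gateway public certificate alias.</li>
 * </ol>
 *
 * <p>The method fails closed: any error while parsing the token or obtaining the key
 * yields {@code false}, so a token whose signature could not be checked is never accepted.
 *
 * @param signedJWT the parsed, signed token to verify
 * @return {@code true} only if a signature check was performed and succeeded
 * @throws APIManagementException if thrown by the called verification code
 */
protected boolean validateSignature(SignedJWT signedJWT) throws APIManagementException {
    String certificateAlias = APIConstants.GATEWAY_PUBLIC_CERTIFICATE_ALIAS;
    try {
        String keyID = signedJWT.getHeader().getKeyID();
        if (StringUtils.isNotEmpty(keyID)) {
            if (tokenIssuer.getJwksConfigurationDTO().isEnabled()
                    && StringUtils.isNotEmpty(tokenIssuer.getJwksConfigurationDTO().getUrl())) {
                // Check JWKSet Available in Cache
                if (jwkSet == null) {
                    jwkSet = retrieveJWKSet();
                }
                // Unknown kid: refresh the set once.
                // NOTE(review): kid comes from the unverified token header, so every token
                // with an unknown kid triggers a retrieveJWKSet() call - consider rate
                // limiting the refresh if that call reaches the network.
                if (jwkSet.getKeyByKeyId(keyID) == null) {
                    jwkSet = retrieveJWKSet();
                }
                if (jwkSet.getKeyByKeyId(keyID) instanceof RSAKey) {
                    RSAKey keyByKeyId = (RSAKey) jwkSet.getKeyByKeyId(keyID);
                    RSAPublicKey rsaPublicKey = keyByKeyId.toRSAPublicKey();
                    if (rsaPublicKey != null) {
                        return JWTUtil.verifyTokenSignature(signedJWT, rsaPublicKey);
                    }
                    // No usable public key: falls through to the gateway certificate alias.
                } else {
                    if (log.isDebugEnabled()) {
                        log.debug("Key Algorithm not supported");
                    }
                    // return false to produce 401 unauthenticated response
                    return false;
                }
            } else if (tokenIssuer.getCertificate() != null) {
                log.debug("Retrieve certificate from Token issuer and validating");
                // Reject a non-RSA certificate key explicitly instead of letting the cast
                // below fail with a ClassCastException.
                if (!(tokenIssuer.getCertificate().getPublicKey() instanceof RSAPublicKey)) {
                    if (log.isDebugEnabled()) {
                        log.debug("Key Algorithm not supported");
                    }
                    return false;
                }
                RSAPublicKey rsaPublicKey = (RSAPublicKey) tokenIssuer.getCertificate().getPublicKey();
                return JWTUtil.verifyTokenSignature(signedJWT, rsaPublicKey);
            } else {
                return JWTUtil.verifyTokenSignature(signedJWT, keyID);
            }
        }
        return JWTUtil.verifyTokenSignature(signedJWT, certificateAlias);
    } catch (ParseException | JOSEException | IOException e) {
        log.error("Error while parsing JWT", e);
        // Fail closed: a signature that could not be checked must not count as valid.
        // Returning true here would accept a token whenever parsing or key retrieval fails.
        return false;
    }
}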
use of java.security.interfaces.RSAPublicKey in project cxf by apache.
the class JweCompactReaderWriterTest method testEncryptDecryptRSA15WrapA128CBCHS256.
/**
 * Round-trips a plaintext through JWE compact serialization using RSA1_5 key wrapping
 * and A128CBC-HS256 content encryption, and checks that decryption restores the input.
 *
 * <p>RSA1_5 is the RSAES-PKCS1-v1_5 key wrap. It is the mode exposed to padding-oracle
 * attacks, so new deployments generally prefer RSA-OAEP. The content encryption key and
 * IV are fixed class constants (presumably published test vectors - confirm) and are
 * suitable for tests only.
 */
@Test
public void testEncryptDecryptRSA15WrapA128CBCHS256() throws Exception {
    final String expectedText = "Live long and prosper.";

    // Encrypt: wrap the fixed CEK with the RSA public key, then encrypt the content.
    RSAPublicKey rsaPublic = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED_A1, RSA_PUBLIC_EXPONENT_ENCODED_A1);
    KeyEncryptionProvider keyWrapper = new RSAKeyEncryptionAlgorithm(rsaPublic, KeyAlgorithm.RSA1_5);
    JweEncryptionProvider encryptor = new AesCbcHmacJweEncryption(
        ContentAlgorithm.A128CBC_HS256,
        CONTENT_ENCRYPTION_KEY_A3,
        INIT_VECTOR_A3,
        keyWrapper);
    byte[] plainBytes = expectedText.getBytes(StandardCharsets.UTF_8);
    String compactJwe = encryptor.encrypt(plainBytes, null);

    // Decrypt: unwrap the CEK with the matching private key and recover the content.
    RSAPrivateKey rsaPrivate = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED_A1, RSA_PRIVATE_EXPONENT_ENCODED_A1);
    KeyDecryptionProvider keyUnwrapper = new RSAKeyDecryptionAlgorithm(rsaPrivate, KeyAlgorithm.RSA1_5);
    JweDecryptionProvider decryptor = new AesCbcHmacJweDecryption(keyUnwrapper);
    String recoveredText = decryptor.decrypt(compactJwe).getContentText();

    assertEquals(expectedText, recoveredText);
}
use of java.security.interfaces.RSAPublicKey in project cxf by apache.
the class JwkUtilsTest method testFromToPublicRsaKey2.
/**
 * Converts an RSA public key to a JWK and back, checking that the JWK exposes the public
 * exponent, carries no private exponent, and that the round-tripped key equals the original.
 */
@Test
public void testFromToPublicRsaKey2() throws Exception {
    // Decimal modulus, split across literals for readability only.
    final String modulusDecimal =
        "525569531153621228164069013206963023039121751335221395180741421479892725873020691336158448746650762107595"
        + "8352148531548486906896903886764928450353366890712125983926472500064566992690642117517954169974907061547"
        + "3353190040609042090075291281955112293781438730376121249764205272939686534594208819023639183157456093565"
        + "4148815673814517535941780340023556224072529306118783149589148262622268860151306096159642808944513667279"
        + "4704664637866917427597486905443676772669967766269923280637049233876979061993814679654208850149406432368"
        + "2161337544093644200063709176660451323844399667162451308704624790051211834667782115390754507376506824717"
        + "9938484919159962066058375588059543574624283546151162925649987580839763809787286157381728046746195701379"
        + "0902293850442561995774628930418082115864728330723111110174368232384797709242627319756376556142528218939"
        + "7783875183123336240582938265783686836202210705597100765098627429017295706176890505466946207401105614189"
        + "2784165813507235148683348014201150784998715061575093867666453332433607035581378251824779499939486011300"
        + "7245546797308586043310145338620953330797301627631794650975659295961069452157705404946866414340860434286"
        + "65874725802069389719375237126155948350679342167596471110676954951640992376889874630989205394080379";
    BigInteger modulus = new BigInteger(modulusDecimal, 10);
    BigInteger publicExponent = new BigInteger("65537", 10);

    RSAPublicKey originalKey = CryptoUtils.getRSAPublicKey(modulus, publicExponent);
    JsonWebKey exportedJwk = JwkUtils.fromRSAPublicKey(originalKey, KeyAlgorithm.RSA_OAEP_256.getJwaName());

    // A JWK built from a public key must not contain private-key material.
    assertNotNull(exportedJwk.getProperty(JsonWebKey.RSA_PUBLIC_EXP));
    assertNull(exportedJwk.getProperty(JsonWebKey.RSA_PRIVATE_EXP));

    RSAPublicKey roundTrippedKey = JwkUtils.toRSAPublicKey(exportedJwk);
    assertEquals(roundTrippedKey, originalKey);
}
use of java.security.interfaces.RSAPublicKey in project cxf by apache.
the class JwkUtilsTest method testRsaKeyModulus.
/**
 * Checks that the RSA modulus keeps its encoded length and value when a JWK is converted
 * to an {@link RSAPublicKey} and back.
 *
 * <p>The expected 256 decoded bytes correspond to a 2048-bit modulus. The length check
 * presumably guards against an extra sign byte or a dropped leading byte when the modulus
 * is re-encoded - confirm against JwkUtils.
 */
@Test
public void testRsaKeyModulus() throws Exception {
    JsonWebKey sourceJwk = JwkUtils.readJwkKey(RSA_KEY);
    String sourceModulus = sourceJwk.getStringProperty(JsonWebKey.RSA_MODULUS);
    assertEquals(256, JoseUtils.decode(sourceModulus).length);

    // Round trip: JWK -> RSAPublicKey -> JWK, keeping the original algorithm.
    RSAPublicKey rsaKey = JwkUtils.toRSAPublicKey(sourceJwk);
    JsonWebKey rebuiltJwk = JwkUtils.fromRSAPublicKey(rsaKey, sourceJwk.getAlgorithm());
    String rebuiltModulus = rebuiltJwk.getStringProperty(JsonWebKey.RSA_MODULUS);

    assertEquals(256, JoseUtils.decode(rebuiltModulus).length);
    assertEquals(rebuiltModulus, sourceModulus);
}