use of java.security.interfaces.RSAPublicKey in project cxf by apache.
the class JwsCompactReaderWriterTest method testJwsPsSha.
@Test
public void testJwsPsSha() throws Exception {
Security.addProvider(new BouncyCastleProvider());
try {
JwsHeaders outHeaders = new JwsHeaders();
outHeaders.setSignatureAlgorithm(SignatureAlgorithm.PS256);
JwsCompactProducer producer = initSpecJwtTokenWriter(outHeaders);
PrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED, RSA_PRIVATE_EXPONENT_ENCODED);
String signed = producer.signWith(new PrivateKeyJwsSignatureProvider(privateKey, SignatureAlgorithm.PS256));
JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(signed);
RSAPublicKey key = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED);
assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key, SignatureAlgorithm.PS256)));
JwtToken token = jws.getJwtToken();
JwsHeaders inHeaders = new JwsHeaders(token.getJwsHeaders());
assertEquals(SignatureAlgorithm.PS256, inHeaders.getSignatureAlgorithm());
validateSpecClaim(token.getClaims());
} finally {
Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
}
}
use of java.security.interfaces.RSAPublicKey in project cxf by apache.
the class JwsCompactReaderWriterTest method testReadJwsSignedByPrivateKey.
@Test
public void testReadJwsSignedByPrivateKey() throws Exception {
JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_PRIVATE_KEY);
RSAPublicKey key = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED);
assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key, SignatureAlgorithm.RS256)));
JwtToken token = jws.getJwtToken();
JwsHeaders headers = new JwsHeaders(token.getJwsHeaders());
assertEquals(SignatureAlgorithm.RS256, headers.getSignatureAlgorithm());
validateSpecClaim(token.getClaims());
}
use of java.security.interfaces.RSAPublicKey in project cxf by apache.
the class JweCompactReaderWriterTest method testEncryptDecryptRSA15WrapA128CBCHS256.
@Test
public void testEncryptDecryptRSA15WrapA128CBCHS256() throws Exception {
final String specPlainText = "Live long and prosper.";
RSAPublicKey publicKey = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED_A1, RSA_PUBLIC_EXPONENT_ENCODED_A1);
KeyEncryptionProvider keyEncryption = new RSAKeyEncryptionAlgorithm(publicKey, KeyAlgorithm.RSA1_5);
JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256, CONTENT_ENCRYPTION_KEY_A3, INIT_VECTOR_A3, keyEncryption);
String jweContent = encryption.encrypt(specPlainText.getBytes(StandardCharsets.UTF_8), null);
RSAPrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED_A1, RSA_PRIVATE_EXPONENT_ENCODED_A1);
KeyDecryptionProvider keyDecryption = new RSAKeyDecryptionAlgorithm(privateKey, KeyAlgorithm.RSA1_5);
JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption);
String decryptedText = decryption.decrypt(jweContent).getContentText();
assertEquals(specPlainText, decryptedText);
}
use of java.security.interfaces.RSAPublicKey in project jersey by jersey.
the class RsaSha1Method method verify.
/**
* Verifies the RSA-SHA1 signature of OAuth request elements.
*
* @param elements OAuth elements signature is to be verified against.
* @param secrets the secrets object containing the public key for verifying the signature.
* @param signature base64-encoded OAuth signature to be verified.
* @throws InvalidSecretException if the supplied secret is not valid.
*/
@Override
public boolean verify(final String elements, final OAuth1Secrets secrets, final String signature) throws InvalidSecretException {
final Signature sig;
try {
sig = Signature.getInstance(SIGNATURE_ALGORITHM);
} catch (final NoSuchAlgorithmException nsae) {
throw new IllegalStateException(nsae);
}
RSAPublicKey rsaPubKey = null;
final String tmpkey = secrets.getConsumerSecret();
if (tmpkey.startsWith(BEGIN_CERT)) {
try {
Certificate cert = null;
final ByteArrayInputStream bais = new ByteArrayInputStream(tmpkey.getBytes());
final BufferedInputStream bis = new BufferedInputStream(bais);
final CertificateFactory certfac = CertificateFactory.getInstance("X.509");
while (bis.available() > 0) {
cert = certfac.generateCertificate(bis);
}
rsaPubKey = (RSAPublicKey) cert.getPublicKey();
} catch (final Exception ex) {
LOGGER.log(Level.SEVERE, LocalizationMessages.ERROR_CANNOT_OBTAIN_PUBLIC_KEY(), ex);
return false;
}
}
final byte[] decodedSignature;
try {
decodedSignature = Base64.decode(signature);
} catch (final IOException e) {
return false;
}
try {
sig.initVerify(rsaPubKey);
} catch (final InvalidKeyException ike) {
throw new IllegalStateException(ike);
}
try {
sig.update(elements.getBytes());
} catch (final SignatureException se) {
throw new IllegalStateException(se);
}
try {
return sig.verify(decodedSignature);
} catch (final SignatureException se) {
throw new IllegalStateException(se);
}
}
use of java.security.interfaces.RSAPublicKey in project j2objc by google.
the class IosRSAKeyFactory method engineGetKeySpec.
@Override
@SuppressWarnings("unchecked")
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
if (key == null) {
throw new InvalidKeySpecException("key == null");
}
if (keySpec == null) {
throw new InvalidKeySpecException("keySpec == null");
}
if (!"RSA".equals(key.getAlgorithm())) {
throw new InvalidKeySpecException("Key must be a RSA key");
}
if (key instanceof RSAPublicKey && RSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
RSAPublicKey rsaKey = (RSAPublicKey) key;
return (T) new RSAPublicKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent());
} else if (key instanceof PublicKey && RSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"X.509".equals(key.getFormat()) || encoded == null) {
throw new InvalidKeySpecException("Not a valid X.509 encoding");
}
RSAPublicKey rsaKey = (RSAPublicKey) engineGeneratePublic(new X509EncodedKeySpec(encoded));
return (T) new RSAPublicKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent());
} else if (key instanceof RSAPrivateCrtKey && RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) {
RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key;
return (T) new RSAPrivateCrtKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent(), rsaKey.getPrivateExponent(), rsaKey.getPrimeP(), rsaKey.getPrimeQ(), rsaKey.getPrimeExponentP(), rsaKey.getPrimeExponentQ(), rsaKey.getCrtCoefficient());
} else if (key instanceof RSAPrivateCrtKey && RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key;
return (T) new RSAPrivateKeySpec(rsaKey.getModulus(), rsaKey.getPrivateExponent());
} else if (key instanceof RSAPrivateKey && RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
RSAPrivateKey rsaKey = (RSAPrivateKey) key;
return (T) new RSAPrivateKeySpec(rsaKey.getModulus(), rsaKey.getPrivateExponent());
} else if (key instanceof PrivateKey && RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"PKCS#8".equals(key.getFormat()) || encoded == null) {
throw new InvalidKeySpecException("Not a valid PKCS#8 encoding");
}
RSAPrivateKey privKey = (RSAPrivateKey) engineGeneratePrivate(new PKCS8EncodedKeySpec(encoded));
if (privKey instanceof RSAPrivateCrtKey) {
RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) privKey;
return (T) new RSAPrivateCrtKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent(), rsaKey.getPrivateExponent(), rsaKey.getPrimeP(), rsaKey.getPrimeQ(), rsaKey.getPrimeExponentP(), rsaKey.getPrimeExponentQ(), rsaKey.getCrtCoefficient());
} else {
throw new InvalidKeySpecException("Encoded key is not an RSAPrivateCrtKey");
}
} else if (key instanceof PrivateKey && RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"PKCS#8".equals(key.getFormat()) || encoded == null) {
throw new InvalidKeySpecException("Not a valid PKCS#8 encoding");
}
RSAPrivateKey rsaKey = (RSAPrivateKey) engineGeneratePrivate(new PKCS8EncodedKeySpec(encoded));
return (T) new RSAPrivateKeySpec(rsaKey.getModulus(), rsaKey.getPrivateExponent());
} else if (key instanceof PrivateKey && PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"PKCS#8".equals(key.getFormat())) {
throw new InvalidKeySpecException("Encoding type must be PKCS#8; was " + key.getFormat());
} else if (encoded == null) {
throw new InvalidKeySpecException("Key is not encodable");
}
return (T) new PKCS8EncodedKeySpec(encoded);
} else if (key instanceof PublicKey && X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"X.509".equals(key.getFormat())) {
throw new InvalidKeySpecException("Encoding type must be X.509; was " + key.getFormat());
} else if (encoded == null) {
throw new InvalidKeySpecException("Key is not encodable");
}
return (T) new X509EncodedKeySpec(encoded);
} else {
throw new InvalidKeySpecException("Unsupported key type and key spec combination; key=" + key.getClass().getName() + ", keySpec=" + keySpec.getName());
}
}
Aggregations