Example 6 with KeyAlgorithm
use of org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm in project cxf by apache.
the class JweUtils method getKeyEncryptionProvider.
public static KeyEncryptionProvider getKeyEncryptionProvider(JsonWebKey jwk, KeyAlgorithm defaultAlgorithm) {
KeyAlgorithm keyAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : KeyAlgorithm.getAlgorithm(jwk.getAlgorithm());
KeyEncryptionProvider keyEncryptionProvider = null;
KeyType keyType = jwk.getKeyType();
if (KeyType.RSA == keyType) {
keyEncryptionProvider = getPublicKeyEncryptionProvider(JwkUtils.toRSAPublicKey(jwk, true), keyAlgo);
} else if (KeyType.OCTET == keyType) {
keyEncryptionProvider = getSecretKeyEncryptionAlgorithm(JwkUtils.toSecretKey(jwk), keyAlgo);
} else {
ContentAlgorithm ctAlgo = null;
Message m = PhaseInterceptorChain.getCurrentMessage();
if (m != null) {
ctAlgo = getContentAlgo((String) m.get(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM));
}
keyEncryptionProvider = new EcdhAesWrapKeyEncryptionAlgorithm(JwkUtils.toECPublicKey(jwk), jwk.getStringProperty(JsonWebKey.EC_CURVE), keyAlgo, ctAlgo == null ? ContentAlgorithm.A128GCM : ctAlgo);
}
return keyEncryptionProvider;
}
Also used :
KeyType(org.apache.cxf.rs.security.jose.jwk.KeyType)
Message(org.apache.cxf.message.Message)
ContentAlgorithm(org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm)
KeyAlgorithm(org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm)
Example 7 with KeyAlgorithm
use of org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm in project cxf by apache.
the class JweJsonConsumerTest method doTestMultipleRecipients.
private void doTestMultipleRecipients(String jweJson) {
final String text = "The true sign of intelligence is not knowledge but imagination.";
SecretKey wrapperKey1 = CryptoUtils.createSecretKeySpec(JweJsonProducerTest.WRAPPER_BYTES1, "AES");
SecretKey wrapperKey2 = CryptoUtils.createSecretKeySpec(JweJsonProducerTest.WRAPPER_BYTES2, "AES");
JweJsonConsumer consumer = new JweJsonConsumer(jweJson);
KeyAlgorithm keyAlgo = consumer.getSharedUnprotectedHeader().getKeyEncryptionAlgorithm();
ContentAlgorithm ctAlgo = consumer.getProtectedHeader().getContentEncryptionAlgorithm();
// Recipient 1
JweDecryptionProvider jwe1 = JweUtils.createJweDecryptionProvider(wrapperKey1, keyAlgo, ctAlgo);
JweDecryptionOutput out1 = consumer.decryptWith(jwe1, Collections.singletonMap("kid", "key1"));
assertEquals(text, out1.getContentText());
// Recipient 2
JweDecryptionProvider jwe2 = JweUtils.createJweDecryptionProvider(wrapperKey2, keyAlgo, ctAlgo);
JweDecryptionOutput out2 = consumer.decryptWith(jwe2, Collections.singletonMap("kid", "key2"));
assertEquals(text, out2.getContentText());
// Extra AAD
assertEquals(JweJsonProducerTest.EXTRA_AAD_SOURCE, consumer.getAadText());
}
Also used :
SecretKey(javax.crypto.SecretKey)
ContentAlgorithm(org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm)
KeyAlgorithm(org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm)
Aggregations
KeyAlgorithm (org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm)7
ContentAlgorithm (org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm)4
Message (org.apache.cxf.message.Message)3
JsonWebKey (org.apache.cxf.rs.security.jose.jwk.JsonWebKey)3
SecretKey (javax.crypto.SecretKey)2
PrivateKeyPasswordProvider (org.apache.cxf.rs.security.jose.common.PrivateKeyPasswordProvider)2
KeyType (org.apache.cxf.rs.security.jose.jwk.KeyType)2
PrivateKey (java.security.PrivateKey)1
X509Certificate (java.security.cert.X509Certificate)1
ECPrivateKey (java.security.interfaces.ECPrivateKey)1
RSAPrivateKey (java.security.interfaces.RSAPrivateKey)1
ArrayList (java.util.ArrayList)1
HashSet (java.util.HashSet)1
LinkedList (java.util.LinkedList)1
Properties (java.util.Properties)1
ContentEncryptionProvider (org.apache.cxf.rs.security.jose.jwe.ContentEncryptionProvider)1
JweEncryption (org.apache.cxf.rs.security.jose.jwe.JweEncryption)1
JweEncryptionProvider (org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider)1
JweException (org.apache.cxf.rs.security.jose.jwe.JweException)1
JweHeaders (org.apache.cxf.rs.security.jose.jwe.JweHeaders)1
