
Example 16 with JsonWebKey

use of org.apache.cxf.rs.security.jose.jwk.JsonWebKey in project cxf by apache.

the class EcdhDirectKeyJweDecryption method getDecryptedContentEncryptionKeyFromHeaders.

/**
 * Derives the content encryption key for an ECDH direct-key JWE from the JWE headers.
 *
 * <p>Reads the content encryption algorithm, the {@code epk} JWK and the optional
 * {@code apu} / {@code apv} headers, then hands them to {@code JweUtils.getECDHKey}
 * together with the recipient's private key.
 *
 * <p>Every header value used here is taken from the message being decrypted and is
 * therefore sender-controlled.
 * NOTE(review): this method does not check that {@code epk} is present, nor that it is a
 * valid point on the curve of {@code privateKey}; confirm that
 * {@code JwkUtils.toECPublicKey} / {@code JweUtils.getECDHKey} enforce both.
 *
 * @param headers    JWE headers carrying {@code epk}, {@code apu}, {@code apv} and the
 *                   content encryption algorithm
 * @param privateKey recipient's EC private key
 * @return the key bytes returned by {@code JweUtils.getECDHKey}
 */
protected static byte[] getDecryptedContentEncryptionKeyFromHeaders(JweHeaders headers, ECPrivateKey privateKey) {
    final ContentAlgorithm contentAlgo = headers.getContentEncryptionAlgorithm();
    // Sender's ephemeral public key, taken straight from the (untrusted) header.
    final JsonWebKey ephemeralJwk = headers.getJsonWebKey("epk");

    // "apu" and "apv" are optional; an absent header is passed on as null.
    byte[] partyUInfo = null;
    final String encodedApu = (String) headers.getHeader("apu");
    if (encodedApu != null) {
        partyUInfo = JoseUtils.decode(encodedApu);
    }

    byte[] partyVInfo = null;
    final String encodedApv = (String) headers.getHeader("apv");
    if (encodedApv != null) {
        partyVInfo = JoseUtils.decode(encodedApv);
    }

    return JweUtils.getECDHKey(
        privateKey,
        JwkUtils.toECPublicKey(ephemeralJwk),
        partyUInfo,
        partyVInfo,
        contentAlgo.getJwaName(),
        contentAlgo.getKeySizeBits());
}
Also used : ContentAlgorithm(org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey)

Example 17 with JsonWebKey

use of org.apache.cxf.rs.security.jose.jwk.JsonWebKey in project cxf by apache.

the class JwsCompactReaderWriterTest method testWriteJwsWithJwkSignedByMac.

/**
 * Builds an octet-type JWK restricted to the sign and verify operations and runs the
 * shared MAC-signing check with it.
 */
@Test
public void testWriteJwsWithJwkSignedByMac() throws Exception {
    final JsonWebKey macKey = new JsonWebKey();
    macKey.setKeyType(KeyType.OCTET);
    // Limit the key to the two operations a MAC key is used for in this test.
    macKey.setKeyOperation(Arrays.asList(KeyOperation.SIGN, KeyOperation.VERIFY));
    doTestWriteJwsWithJwkSignedByMac(macKey);
}
Also used : KeyOperation(org.apache.cxf.rs.security.jose.jwk.KeyOperation) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey) Test(org.junit.Test)

Example 18 with JsonWebKey

use of org.apache.cxf.rs.security.jose.jwk.JsonWebKey in project cxf by apache.

the class JwsJsonConsumerTest method testVerifyDualSignedDocument.

/**
 * Verifies both signatures of a JWS JSON document that carries two signature entries.
 *
 * <p>The key id of each entry comes from the document itself; it is first compared with
 * the expected constant and then used only to look up a key in the key set loaded from
 * {@code jwkPublicJsonConsumerSet.txt}.
 */
@Test
public void testVerifyDualSignedDocument() throws Exception {
    final JwsJsonConsumer jwsConsumer = new JwsJsonConsumer(DUAL_SIGNED_DOCUMENT);
    final JsonWebKeys verificationKeys = readKeySet("jwkPublicJsonConsumerSet.txt");
    final List<JwsJsonSignatureEntry> entries = jwsConsumer.getSignatureEntries();
    assertEquals(2, entries.size());

    // First signer: the key is resolved from the local key set by kid.
    final JwsJsonSignatureEntry firstEntry = entries.get(0);
    final String kidOne = firstEntry.getKeyId();
    assertEquals(KID_OF_THE_FIRST_SIGNER, kidOne);
    final JsonWebKey firstSignerKey = verificationKeys.getKey(kidOne);
    assertNotNull(firstSignerKey);
    assertTrue(firstEntry.verifySignatureWith(firstSignerKey));

    // Second signer: same lookup-then-verify sequence.
    final JwsJsonSignatureEntry secondEntry = entries.get(1);
    final String kidTwo = secondEntry.getKeyId();
    assertEquals(KID_OF_THE_SECOND_SIGNER, kidTwo);
    final JsonWebKey secondSignerKey = verificationKeys.getKey(kidTwo);
    assertNotNull(secondSignerKey);
    assertTrue(secondEntry.verifySignatureWith(secondSignerKey));
}
Also used : JsonWebKeys(org.apache.cxf.rs.security.jose.jwk.JsonWebKeys) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey) Test(org.junit.Test)

Example 19 with JsonWebKey

use of org.apache.cxf.rs.security.jose.jwk.JsonWebKey in project cxf by apache.

the class JwsUtilsTest method testLoadVerificationKeyWithCert.

/**
 * Loads the public verification keys from a key store with certificate inclusion enabled
 * and checks the resulting JWK.
 *
 * <p>The JWK must be a single RSA key with id {@code alice}, expose the public exponent
 * and modulus but no private exponent, and carry an X.509 chain of two entries.
 */
@Test
public void testLoadVerificationKeyWithCert() throws Exception {
    final Properties keyStoreProps = new Properties();
    keyStoreProps.put(JoseConstants.RSSEC_KEY_STORE_FILE, "org/apache/cxf/rs/security/jose/jws/alice.jks");
    keyStoreProps.put(JoseConstants.RSSEC_KEY_STORE_PSWD, "password");
    keyStoreProps.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "alice");
    keyStoreProps.put(JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT, true);

    final JsonWebKeys loaded = JwsUtils.loadPublicVerificationKeys(createMessage(), keyStoreProps);
    assertEquals(1, loaded.asMap().size());
    final List<JsonWebKey> rsaKeys = loaded.getRsaKeys();
    assertEquals(1, rsaKeys.size());

    final JsonWebKey aliceKey = rsaKeys.get(0);
    assertEquals(KeyType.RSA, aliceKey.getKeyType());
    assertEquals("alice", aliceKey.getKeyId());
    // Public parameters must be present ...
    assertNotNull(aliceKey.getKeyProperty(JsonWebKey.RSA_PUBLIC_EXP));
    assertNotNull(aliceKey.getKeyProperty(JsonWebKey.RSA_MODULUS));
    // ... and the private exponent must not appear in the verification key set.
    assertNull(aliceKey.getKeyProperty(JsonWebKey.RSA_PRIVATE_EXP));

    final List<String> certChain = aliceKey.getX509Chain();
    assertNotNull(certChain);
    assertEquals(2, certChain.size());
}
Also used : JsonWebKeys(org.apache.cxf.rs.security.jose.jwk.JsonWebKeys) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey) Properties(java.util.Properties) Test(org.junit.Test)

Example 20 with JsonWebKey

use of org.apache.cxf.rs.security.jose.jwk.JsonWebKey in project cxf by apache.

the class JweUtils method loadPublicKeyEncryptionKeys.

/**
 * Loads the public key(s) used for key encryption as a JWK set.
 *
 * <p>When the {@code RSSEC_KEY_STORE_TYPE} property is {@code "jwk"} the set is loaded by
 * {@code JwkUtils.loadPublicJwkSet}. For any other value, including a missing property,
 * one public key is loaded through {@code KeyManagementUtils.loadPublicKey}, converted to
 * a JWK and returned as a set holding that key.
 *
 * @param m     current message, passed through to the key loaders
 * @param props key store configuration
 * @return the loaded public JWK set
 */
public static JsonWebKeys loadPublicKeyEncryptionKeys(Message m, Properties props) {
    final boolean jwkStore = "jwk".equals(props.getProperty(JoseConstants.RSSEC_KEY_STORE_TYPE));
    if (!jwkStore) {
        // TODO: consider loading all the public keys in the store
        final PublicKey publicKey = KeyManagementUtils.loadPublicKey(m, props);
        final JsonWebKey converted =
            JwkUtils.fromPublicKey(publicKey, props, JoseConstants.RSSEC_ENCRYPTION_KEY_ALGORITHM);
        return new JsonWebKeys(converted);
    }
    return JwkUtils.loadPublicJwkSet(m, props);
}
Also used : RSAPublicKey(java.security.interfaces.RSAPublicKey) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) JsonWebKeys(org.apache.cxf.rs.security.jose.jwk.JsonWebKeys) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey)

Aggregations

JsonWebKey (org.apache.cxf.rs.security.jose.jwk.JsonWebKey)31 JsonWebKeys (org.apache.cxf.rs.security.jose.jwk.JsonWebKeys)18 Test (org.junit.Test)18 JwsHeaders (org.apache.cxf.rs.security.jose.jws.JwsHeaders)7 JwsJsonConsumer (org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer)7 JwsJsonProducer (org.apache.cxf.rs.security.jose.jws.JwsJsonProducer)7 JsonMapObjectReaderWriter (org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter)6 ContentAlgorithm (org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm)5 JwsCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer)5 JwsCompactProducer (org.apache.cxf.rs.security.jose.jws.JwsCompactProducer)5 Properties (java.util.Properties)4 X509Certificate (java.security.cert.X509Certificate)3 ECPrivateKey (java.security.interfaces.ECPrivateKey)3 Message (org.apache.cxf.message.Message)3 KeyAlgorithm (org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm)3 BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)3 PrivateKey (java.security.PrivateKey)2 PublicKey (java.security.PublicKey)2 ECPublicKey (java.security.interfaces.ECPublicKey)2 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)2