Example 1 with KeyType
use of org.apache.cxf.rs.security.jose.jwk.KeyType in project cxf by apache.
the class JweUtils method getKeyDecryptionProvider.
public static KeyDecryptionProvider getKeyDecryptionProvider(JsonWebKey jwk, KeyAlgorithm defaultAlgorithm) {
KeyAlgorithm keyAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : KeyAlgorithm.getAlgorithm(jwk.getAlgorithm());
KeyDecryptionProvider keyDecryptionProvider = null;
KeyType keyType = jwk.getKeyType();
if (KeyType.RSA == keyType) {
keyDecryptionProvider = getPrivateKeyDecryptionProvider(JwkUtils.toRSAPrivateKey(jwk), keyAlgo);
} else if (KeyType.OCTET == keyType) {
keyDecryptionProvider = getSecretKeyDecryptionProvider(JwkUtils.toSecretKey(jwk), keyAlgo);
} else {
keyDecryptionProvider = getPrivateKeyDecryptionProvider(JwkUtils.toECPrivateKey(jwk), keyAlgo);
}
return keyDecryptionProvider;
}
Also used :
KeyType(org.apache.cxf.rs.security.jose.jwk.KeyType)
KeyAlgorithm(org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm)
Example 2 with KeyType
use of org.apache.cxf.rs.security.jose.jwk.KeyType in project cxf by apache.
the class JweUtils method getContentDecryptionSecretKey.
public static SecretKey getContentDecryptionSecretKey(JsonWebKey jwk, String defaultAlgorithm) {
String ctEncryptionAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : jwk.getAlgorithm();
KeyType keyType = jwk.getKeyType();
if (KeyType.OCTET == keyType && AlgorithmUtils.isAesGcm(ctEncryptionAlgo)) {
return JwkUtils.toSecretKey(jwk);
}
return null;
}
Also used :
KeyType(org.apache.cxf.rs.security.jose.jwk.KeyType)
Example 3 with KeyType
use of org.apache.cxf.rs.security.jose.jwk.KeyType in project cxf by apache.
the class JwsUtils method getSignatureProvider.
public static JwsSignatureProvider getSignatureProvider(JsonWebKey jwk, SignatureAlgorithm defaultAlgorithm) {
SignatureAlgorithm sigAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : SignatureAlgorithm.getAlgorithm(jwk.getAlgorithm());
JwsSignatureProvider theSigProvider = null;
KeyType keyType = jwk.getKeyType();
if (KeyType.RSA == keyType) {
theSigProvider = getPrivateKeySignatureProvider(JwkUtils.toRSAPrivateKey(jwk), sigAlgo);
} else if (KeyType.OCTET == keyType) {
byte[] key = JoseUtils.decode((String) jwk.getProperty(JsonWebKey.OCTET_KEY_VALUE));
theSigProvider = getHmacSignatureProvider(key, sigAlgo);
} else if (KeyType.EC == jwk.getKeyType()) {
theSigProvider = getPrivateKeySignatureProvider(JwkUtils.toECPrivateKey(jwk), sigAlgo);
}
return theSigProvider;
}
Also used :
KeyType(org.apache.cxf.rs.security.jose.jwk.KeyType)
SignatureAlgorithm(org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm)
Example 4 with KeyType
use of org.apache.cxf.rs.security.jose.jwk.KeyType in project cxf by apache.
the class JwkJoseCookBookTest method testPublicSetAsMap.
@Test
public void testPublicSetAsMap() throws Exception {
JsonWebKeys jwks = readKeySet("cookbookPublicSet.txt");
Map<KeyType, List<JsonWebKey>> keysMap = jwks.getKeyTypeMap();
assertEquals(2, keysMap.size());
List<JsonWebKey> rsaKeys = keysMap.get(KeyType.RSA);
assertEquals(1, rsaKeys.size());
assertEquals(5, rsaKeys.get(0).asMap().size());
validatePublicRsaKey(rsaKeys.get(0));
List<JsonWebKey> ecKeys = keysMap.get(KeyType.EC);
assertEquals(1, ecKeys.size());
assertEquals(6, ecKeys.get(0).asMap().size());
validatePublicEcKey(ecKeys.get(0));
}
Also used :
KeyType(org.apache.cxf.rs.security.jose.jwk.KeyType)
JsonWebKeys(org.apache.cxf.rs.security.jose.jwk.JsonWebKeys)
JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey)
List(java.util.List)
Test(org.junit.Test)
Example 5 with KeyType
use of org.apache.cxf.rs.security.jose.jwk.KeyType in project cxf by apache.
the class JweUtils method getKeyEncryptionProvider.
public static KeyEncryptionProvider getKeyEncryptionProvider(JsonWebKey jwk, KeyAlgorithm defaultAlgorithm) {
KeyAlgorithm keyAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : KeyAlgorithm.getAlgorithm(jwk.getAlgorithm());
KeyEncryptionProvider keyEncryptionProvider = null;
KeyType keyType = jwk.getKeyType();
if (KeyType.RSA == keyType) {
keyEncryptionProvider = getPublicKeyEncryptionProvider(JwkUtils.toRSAPublicKey(jwk, true), keyAlgo);
} else if (KeyType.OCTET == keyType) {
keyEncryptionProvider = getSecretKeyEncryptionAlgorithm(JwkUtils.toSecretKey(jwk), keyAlgo);
} else {
ContentAlgorithm ctAlgo = null;
Message m = PhaseInterceptorChain.getCurrentMessage();
if (m != null) {
ctAlgo = getContentAlgo((String) m.get(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM));
}
keyEncryptionProvider = new EcdhAesWrapKeyEncryptionAlgorithm(JwkUtils.toECPublicKey(jwk), jwk.getStringProperty(JsonWebKey.EC_CURVE), keyAlgo, ctAlgo == null ? ContentAlgorithm.A128GCM : ctAlgo);
}
return keyEncryptionProvider;
}
Also used :
KeyType(org.apache.cxf.rs.security.jose.jwk.KeyType)
Message(org.apache.cxf.message.Message)
ContentAlgorithm(org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm)
KeyAlgorithm(org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm)
Aggregations
KeyType (org.apache.cxf.rs.security.jose.jwk.KeyType)7
ContentAlgorithm (org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm)2
KeyAlgorithm (org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm)2
SignatureAlgorithm (org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm)2
List (java.util.List)1
Message (org.apache.cxf.message.Message)1
JsonWebKey (org.apache.cxf.rs.security.jose.jwk.JsonWebKey)1
JsonWebKeys (org.apache.cxf.rs.security.jose.jwk.JsonWebKeys)1
Test (org.junit.Test)1
