Search in sources :

Example 1 with ECDSAPrivateKey

use of org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey in project oxAuth by GluuFederation.

the class ECDSASigner method generateSignature.

@Override
public String generateSignature(String signingInput) throws SignatureException {
    if (getSignatureAlgorithm() == null) {
        throw new SignatureException("The signature algorithm is null");
    }
    if (ecdsaPrivateKey == null) {
        throw new SignatureException("The ECDSA private key is null");
    }
    if (signingInput == null) {
        throw new SignatureException("The signing input is null");
    }
    try {
        ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(getSignatureAlgorithm().getCurve().getName());
        ECPrivateKeySpec privateKeySpec = new ECPrivateKeySpec(ecdsaPrivateKey.getD(), ecSpec);
        KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", "BC");
        PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec);
        Signature signer = Signature.getInstance(getSignatureAlgorithm().getAlgorithm(), "BC");
        signer.initSign(privateKey);
        signer.update(signingInput.getBytes(Util.UTF8_STRING_ENCODING));
        byte[] signature = signer.sign();
        if (AlgorithmFamily.EC.equals(getSignatureAlgorithm().getFamily())) {
            int signatureLenght = ECDSA.getSignatureByteArrayLength(JWSAlgorithm.parse(getSignatureAlgorithm().getName()));
            signature = ECDSA.transcodeSignatureToConcat(signature, signatureLenght);
        }
        return Base64Util.base64urlencode(signature);
    } catch (InvalidKeySpecException e) {
        throw new SignatureException(e);
    } catch (InvalidKeyException e) {
        throw new SignatureException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new SignatureException(e);
    } catch (NoSuchProviderException e) {
        throw new SignatureException(e);
    } catch (UnsupportedEncodingException e) {
        throw new SignatureException(e);
    } catch (Exception e) {
        throw new SignatureException(e);
    }
}
Also used : ECPrivateKeySpec(org.bouncycastle.jce.spec.ECPrivateKeySpec) ECDSAPrivateKey(org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ECPoint(org.bouncycastle.math.ec.ECPoint) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ECParameterSpec(org.bouncycastle.jce.spec.ECParameterSpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Example 2 with ECDSAPrivateKey

use of org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey in project oxAuth by GluuFederation.

the class KeyGenerator method generateU2fAttestationKeys.

public static void generateU2fAttestationKeys(Date startDate, Date expirationDate, String dnName) throws Exception {
    ECDSAKeyFactory keyFactory = new ECDSAKeyFactory(SignatureAlgorithm.ES256, null);
    Key<ECDSAPrivateKey, ECDSAPublicKey> key = keyFactory.getKey();
    Certificate certificate = keyFactory.generateV3Certificate(startDate, expirationDate, dnName);
    key.setCertificate(certificate);
    key.setKeyType(SignatureAlgorithm.ES256.getFamily().getValue());
    key.setUse(Use.SIGNATURE.toString());
    key.setAlgorithm(SignatureAlgorithm.ES256.getName());
    key.setKeyId(UUID.randomUUID().toString());
    key.setExpirationTime(expirationDate.getTime());
    key.setCurve(SignatureAlgorithm.ES256.getCurve());
    JSONObject jsonKey = key.toJSONObject();
    System.out.println(jsonKey);
    System.out.println("CERTIFICATE:");
    System.out.println(certificate);
}
Also used : ECDSAKeyFactory(org.gluu.oxauth.model.crypto.signature.ECDSAKeyFactory) JSONObject(org.json.JSONObject) ECDSAPrivateKey(org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey) ECDSAPublicKey(org.gluu.oxauth.model.crypto.signature.ECDSAPublicKey) Certificate(org.gluu.oxauth.model.crypto.Certificate)

Example 3 with ECDSAPrivateKey

use of org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey in project oxAuth by GluuFederation.

the class SignatureTest method generateES384Keys.

@Test
public void generateES384Keys() throws Exception {
    showTitle("TEST: generateES384Keys");
    KeyFactory<ECDSAPrivateKey, ECDSAPublicKey> keyFactory = new ECDSAKeyFactory(SignatureAlgorithm.ES384, "CN=Test CA Certificate");
    Key<ECDSAPrivateKey, ECDSAPublicKey> key = keyFactory.getKey();
    ECDSAPrivateKey privateKey = key.getPrivateKey();
    ECDSAPublicKey publicKey = key.getPublicKey();
    Certificate certificate = key.getCertificate();
    System.out.println(key);
    String signingInput = "Hello World!";
    ECDSASigner ecdsaSigner1 = new ECDSASigner(SignatureAlgorithm.ES384, privateKey);
    String signature = ecdsaSigner1.generateSignature(signingInput);
    ECDSASigner ecdsaSigner2 = new ECDSASigner(SignatureAlgorithm.ES384, publicKey);
    assertTrue(ecdsaSigner2.validateSignature(signingInput, signature));
    ECDSASigner ecdsaSigner3 = new ECDSASigner(SignatureAlgorithm.ES384, certificate);
    assertTrue(ecdsaSigner3.validateSignature(signingInput, signature));
}
Also used : ECDSAKeyFactory(org.gluu.oxauth.model.crypto.signature.ECDSAKeyFactory) ECDSASigner(org.gluu.oxauth.model.jws.ECDSASigner) ECDSAPrivateKey(org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey) ECDSAPublicKey(org.gluu.oxauth.model.crypto.signature.ECDSAPublicKey) Certificate(org.gluu.oxauth.model.crypto.Certificate) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 4 with ECDSAPrivateKey

use of org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey in project oxAuth by GluuFederation.

the class SignatureTest method generateES256Keys.

@Test
public void generateES256Keys() throws Exception {
    showTitle("TEST: generateES256Keys");
    KeyFactory<ECDSAPrivateKey, ECDSAPublicKey> keyFactory = new ECDSAKeyFactory(SignatureAlgorithm.ES256, "CN=Test CA Certificate");
    Key<ECDSAPrivateKey, ECDSAPublicKey> key = keyFactory.getKey();
    ECDSAPrivateKey privateKey = key.getPrivateKey();
    ECDSAPublicKey publicKey = key.getPublicKey();
    Certificate certificate = key.getCertificate();
    System.out.println(key);
    String signingInput = "Hello World!";
    ECDSASigner ecdsaSigner1 = new ECDSASigner(SignatureAlgorithm.ES256, privateKey);
    String signature = ecdsaSigner1.generateSignature(signingInput);
    ECDSASigner ecdsaSigner2 = new ECDSASigner(SignatureAlgorithm.ES256, publicKey);
    assertTrue(ecdsaSigner2.validateSignature(signingInput, signature));
    ECDSASigner ecdsaSigner3 = new ECDSASigner(SignatureAlgorithm.ES256, certificate);
    assertTrue(ecdsaSigner3.validateSignature(signingInput, signature));
}
Also used : ECDSAKeyFactory(org.gluu.oxauth.model.crypto.signature.ECDSAKeyFactory) ECDSASigner(org.gluu.oxauth.model.jws.ECDSASigner) ECDSAPrivateKey(org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey) ECDSAPublicKey(org.gluu.oxauth.model.crypto.signature.ECDSAPublicKey) Certificate(org.gluu.oxauth.model.crypto.Certificate) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 5 with ECDSAPrivateKey

use of org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey in project oxAuth by GluuFederation.

the class SignatureTest method generateES512Keys.

@Test
public void generateES512Keys() throws Exception {
    showTitle("TEST: generateES512Keys");
    KeyFactory<ECDSAPrivateKey, ECDSAPublicKey> keyFactory = new ECDSAKeyFactory(SignatureAlgorithm.ES512, "CN=Test CA Certificate");
    ECDSAPrivateKey privateKey = keyFactory.getPrivateKey();
    ECDSAPublicKey publicKey = keyFactory.getPublicKey();
    Certificate certificate = keyFactory.getCertificate();
    System.out.println("PRIVATE KEY");
    System.out.println(privateKey);
    System.out.println("PUBLIC KEY");
    System.out.println(publicKey);
    System.out.println("CERTIFICATE");
    System.out.println(certificate);
    String signingInput = "Hello World!";
    ECDSASigner ecdsaSigner1 = new ECDSASigner(SignatureAlgorithm.ES512, privateKey);
    String signature = ecdsaSigner1.generateSignature(signingInput);
    ECDSASigner ecdsaSigner2 = new ECDSASigner(SignatureAlgorithm.ES512, publicKey);
    assertTrue(ecdsaSigner2.validateSignature(signingInput, signature));
    ECDSASigner ecdsaSigner3 = new ECDSASigner(SignatureAlgorithm.ES512, certificate);
    assertTrue(ecdsaSigner3.validateSignature(signingInput, signature));
}
Also used : ECDSAKeyFactory(org.gluu.oxauth.model.crypto.signature.ECDSAKeyFactory) ECDSASigner(org.gluu.oxauth.model.jws.ECDSASigner) ECDSAPrivateKey(org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey) ECDSAPublicKey(org.gluu.oxauth.model.crypto.signature.ECDSAPublicKey) Certificate(org.gluu.oxauth.model.crypto.Certificate) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Aggregations

ECDSAPrivateKey (org.gluu.oxauth.model.crypto.signature.ECDSAPrivateKey)5 Certificate (org.gluu.oxauth.model.crypto.Certificate)4 ECDSAKeyFactory (org.gluu.oxauth.model.crypto.signature.ECDSAKeyFactory)4 ECDSAPublicKey (org.gluu.oxauth.model.crypto.signature.ECDSAPublicKey)4 BaseTest (org.gluu.oxauth.BaseTest)3 ECDSASigner (org.gluu.oxauth.model.jws.ECDSASigner)3 Test (org.testng.annotations.Test)3 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1 ECParameterSpec (org.bouncycastle.jce.spec.ECParameterSpec)1 ECPrivateKeySpec (org.bouncycastle.jce.spec.ECPrivateKeySpec)1 ECPoint (org.bouncycastle.math.ec.ECPoint)1 JSONObject (org.json.JSONObject)1