Example 1 with ECEllipticCurve

Use of org.gluu.oxauth.model.crypto.signature.ECEllipticCurve in project oxAuth by GluuFederation.

Class AbstractCryptoProvider, method getPublicKey.

public PublicKey getPublicKey(String alias, JSONObject jwks, Algorithm requestedAlgorithm) throws Exception {
    java.security.PublicKey publicKey = null;
    JSONArray webKeys = jwks.getJSONArray(JSON_WEB_KEY_SET);
    for (int i = 0; i < webKeys.length(); i++) {
        JSONObject key = webKeys.getJSONObject(i);
        // Consider only the JWKS entry whose key id matches the requested alias.
        if (alias.equals(key.getString(KEY_ID))) {
            AlgorithmFamily family = null;
            if (key.has(ALGORITHM)) {
                Algorithm algorithm = Algorithm.fromString(key.optString(ALGORITHM));
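                // The kid matched, but the key's declared algorithm differs from the requested one: skip this entry.
                if (requestedAlgorithm != null && algorithm != requestedAlgorithm) {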
                    LOG.trace("kid matched but algorithm does not match. kid algorithm:" + algorithm + ", requestedAlgorithm:" + requestedAlgorithm + ", kid:" + alias);
                    continue;
                }
                family = algorithm.getFamily();
            } else if (key.has(KEY_TYPE)) {
                // No algorithm declared on the key: derive the family from the key type instead.
                family = AlgorithmFamily.fromString(key.getString(KEY_TYPE));
            }
            if (AlgorithmFamily.RSA.equals(family)) {
                // Rebuild the RSA key from the base64url-encoded modulus and exponent, read as unsigned integers.
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger(1, Base64Util.base64urldecode(key.getString(MODULUS))), new BigInteger(1, Base64Util.base64urldecode(key.getString(EXPONENT))));
                publicKey = keyFactory.generatePublic(pubKeySpec);
            } else if (AlgorithmFamily.EC.equals(family)) {
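                // Resolve the named curve's parameters, then rebuild the public point from the base64url-encoded X and Y coordinates.
                ECEllipticCurve curve = ECEllipticCurve.fromString(key.optString(CURVE));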
                AlgorithmParameters parameters = AlgorithmParameters.getInstance(AlgorithmFamily.EC.toString());
                parameters.init(new ECGenParameterSpec(curve.getAlias()));
                ECParameterSpec ecParameters = parameters.getParameterSpec(ECParameterSpec.class);
                publicKey = KeyFactory.getInstance(AlgorithmFamily.EC.toString()).generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(1, Base64Util.base64urldecode(key.getString(X))), new BigInteger(1, Base64Util.base64urldecode(key.getString(Y)))), ecParameters));
            }
            if (key.has(EXPIRATION_TIME)) {
                checkKeyExpiration(alias, key.getLong(EXPIRATION_TIME));
            }
        }
    }
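    // The loop does not break on a match, so when several entries share the kid the last RSA or EC one is returned.
    // Returns null when no entry produced a key.
    return publicKey;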
}
Also used: ECEllipticCurve (org.gluu.oxauth.model.crypto.signature.ECEllipticCurve), JSONArray (org.json.JSONArray), PublicKey (java.security.PublicKey), SignatureAlgorithm (org.gluu.oxauth.model.crypto.signature.SignatureAlgorithm), Algorithm (org.gluu.oxauth.model.jwk.Algorithm), AlgorithmFamily (org.gluu.oxauth.model.crypto.signature.AlgorithmFamily), JSONObject (org.json.JSONObject), BigInteger (java.math.BigInteger), KeyFactory (java.security.KeyFactory), AlgorithmParameters (java.security.AlgorithmParameters)