Example 6 with JsonWebEncryption

Use of org.jose4j.jwe.JsonWebEncryption in project cas by apereo.

The class EncodingUtils, method encryptValueAsJwt.

/**
 * Encrypt the value based on the seed array whose length was given,
 * and the key and content encryption ids.
 *
 * @param secretKeyEncryptionKey          the secret key encryption key
 * @param value                           the value
 * @param algorithmHeaderValue            the algorithm header value
 * @param encryptionMethodHeaderParameter the content encryption algorithm identifier
 * @param keyIdHeaderValue                the key id header value
 * @param customHeaders                   the custom headers
 * @return the encoded value
 */
public static String encryptValueAsJwt(final Key secretKeyEncryptionKey, final Serializable value, final String algorithmHeaderValue, final String encryptionMethodHeaderParameter, final String keyIdHeaderValue, final Map<String, Object> customHeaders) {
    try {
        val jwe = new JsonWebEncryption();
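        jwe.setPayload(value.toString());
        // Sets the "zip" header to DEF: the payload is DEFLATE-compressed before it is encrypted.
        jwe.enableDefaultCompression();
        jwe.setAlgorithmHeaderValue(algorithmHeaderValue);
        jwe.setEncryptionMethodHeaderParameter(encryptionMethodHeaderParameter);
        jwe.setKey(secretKeyEncryptionKey);
        // Mark the encrypted content as a JWT via both the "cty" and "typ" headers.
        jwe.setContentTypeHeaderValue("JWT");
        jwe.setHeader("typ", "JWT");
        // Custom headers are applied after the ones above, so an entry named
        // "alg", "enc", "zip", "cty" or "typ" replaces the value already set.
        customHeaders.forEach((k, v) -> jwe.setHeader(k, v.toString()));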
        if (StringUtils.isNotBlank(keyIdHeaderValue)) {
            jwe.setKeyIdHeaderValue(keyIdHeaderValue);
        }
        LOGGER.trace("Encrypting via [{}]", encryptionMethodHeaderParameter);
        return jwe.getCompactSerialization();
    } catch (final Exception e) {
        throw new IllegalArgumentException(e.getMessage(), e);
    }
}
Also used : lombok.val(lombok.val) JsonWebEncryption(org.jose4j.jwe.JsonWebEncryption) DecryptionException(org.apereo.cas.util.crypto.DecryptionException)

Example 7 with JsonWebEncryption

Use of org.jose4j.jwe.JsonWebEncryption in project cas by apereo.

The class EncodingUtils, method decryptJwtValue.

/**
 * Decrypt value based on the key created.
 *
 * @param secretKeyEncryptionKey the secret key encryption key
 * @param value                  the value
 * @return the decrypted value
 */
public static String decryptJwtValue(final Key secretKeyEncryptionKey, final String value) {
    try {
        val jwe = new JsonWebEncryption();
        jwe.setKey(secretKeyEncryptionKey);
        jwe.setCompactSerialization(value);
        LOGGER.trace("Decrypting value...");
        return jwe.getPayload();
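    } catch (final Exception e) {
        // The underlying cause is attached only when trace logging is enabled;
        // otherwise the caller gets a DecryptionException with no detail.
        if (LOGGER.isTraceEnabled()) {
            throw new DecryptionException(e);
        }
        throw new DecryptionException();
    }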
}
Also used : lombok.val(lombok.val) JsonWebEncryption(org.jose4j.jwe.JsonWebEncryption) DecryptionException(org.apereo.cas.util.crypto.DecryptionException)

Example 8 with JsonWebEncryption

Use of org.jose4j.jwe.JsonWebEncryption in project oxAuth by GluuFederation.

The class CrossEncryptionTest, method testDecryptWithJose4J.

public boolean testDecryptWithJose4J(String jwe) {
    try {
        PublicJsonWebKey jwk = PublicJsonWebKey.Factory.newPublicJwk(recipientJwkJson);
        JsonWebEncryption receiverJwe = new JsonWebEncryption();
        // Accept only RSA-OAEP for key management; a token with any other "alg" is rejected.
        AlgorithmConstraints algConstraints = new AlgorithmConstraints(ConstraintType.WHITELIST, KeyManagementAlgorithmIdentifiers.RSA_OAEP);
        receiverJwe.setAlgorithmConstraints(algConstraints);
        // Accept only A128GCM for content encryption; a token with any other "enc" is rejected.
        AlgorithmConstraints encConstraints = new AlgorithmConstraints(ConstraintType.WHITELIST, ContentEncryptionAlgorithmIdentifiers.AES_128_GCM);
        receiverJwe.setContentEncryptionAlgorithmConstraints(encConstraints);
        receiverJwe.setKey(jwk.getPrivateKey());
        receiverJwe.setCompactSerialization(jwe);
        // The decrypted plaintext is base64url-decoded before it is compared with PAYLOAD.
        final String decryptedPayload = new String(Base64Util.base64urldecode(receiverJwe.getPlaintextString()));
        System.out.println("Jose4j decrypt succeed: " + decryptedPayload);
        if (isJsonEqual(decryptedPayload, PAYLOAD)) {
            return true;
        }
    } catch (Exception e) {
        System.out.println("Jose4j decrypt failed: " + e.getMessage());
        e.printStackTrace();
    }
    return false;
}
Also used : JsonWebEncryption(org.jose4j.jwe.JsonWebEncryption) JSONException(org.json.JSONException) ParseException(java.text.ParseException) InvalidJwtException(org.gluu.oxauth.model.exception.InvalidJwtException) IOException(java.io.IOException) InvalidJweException(org.gluu.oxauth.model.exception.InvalidJweException) PublicJsonWebKey(org.jose4j.jwk.PublicJsonWebKey) AlgorithmConstraints(org.jose4j.jwa.AlgorithmConstraints)