use of org.keycloak.jose.jwe.alg.RsaKeyEncryptionJWEAlgorithmProvider in project keycloak by keycloak.
the class JWETest method testKeyEncryption_ContentEncryptionAesGcm.
private void testKeyEncryption_ContentEncryptionAesGcm(String jweAlgorithmName, String jweEncryptionName) throws Exception {
// generate key pair for KEK
KeyPair keyPair = KeyUtils.generateRsaKeyPair(2048);
JWEAlgorithmProvider jweAlgorithmProvider = new RsaKeyEncryptionJWEAlgorithmProvider(getJcaAlgorithmName(jweAlgorithmName));
JWEEncryptionProvider jweEncryptionProvider = new AesGcmJWEEncryptionProvider(jweEncryptionName);
JWEHeader jweHeader = new JWEHeader(jweAlgorithmName, jweEncryptionName, null);
JWE jwe = new JWE().header(jweHeader).content(PAYLOAD.getBytes(StandardCharsets.UTF_8));
jwe.getKeyStorage().setEncryptionKey(keyPair.getPublic());
String encodedContent = jwe.encodeJwe(jweAlgorithmProvider, jweEncryptionProvider);
System.out.println("Encoded content: " + encodedContent);
System.out.println("Encoded content length: " + encodedContent.length());
jwe = new JWE();
jwe.getKeyStorage().setDecryptionKey(keyPair.getPrivate());
jwe.verifyAndDecodeJwe(encodedContent, jweAlgorithmProvider, jweEncryptionProvider);
String decodedContent = new String(jwe.getContent(), StandardCharsets.UTF_8);
System.out.println("Decoded content: " + decodedContent);
System.out.println("Decoded content length: " + decodedContent.length());
Assert.assertEquals(PAYLOAD, decodedContent);
}
use of org.keycloak.jose.jwe.alg.RsaKeyEncryptionJWEAlgorithmProvider in project keycloak by keycloak.
the class JWETest method testKeyEncryption_ContentEncryptionAesHmacSha.
private void testKeyEncryption_ContentEncryptionAesHmacSha(String jweAlgorithmName, String jweEncryptionName) throws Exception {
// generate key pair for KEK
KeyPair keyPair = KeyUtils.generateRsaKeyPair(2048);
// generate CEK
final SecretKey aesKey = new SecretKeySpec(AES_128_KEY, "AES");
final SecretKey hmacKey = new SecretKeySpec(HMAC_SHA256_KEY, "HMACSHA2");
JWEAlgorithmProvider jweAlgorithmProvider = new RsaKeyEncryptionJWEAlgorithmProvider(getJcaAlgorithmName(jweAlgorithmName));
JWEEncryptionProvider jweEncryptionProvider = new AesCbcHmacShaJWEEncryptionProvider(jweEncryptionName);
JWEHeader jweHeader = new JWEHeader(jweAlgorithmName, jweEncryptionName, null);
JWE jwe = new JWE().header(jweHeader).content(PAYLOAD.getBytes(StandardCharsets.UTF_8));
jwe.getKeyStorage().setEncryptionKey(keyPair.getPublic());
jwe.getKeyStorage().setCEKKey(aesKey, JWEKeyStorage.KeyUse.ENCRYPTION).setCEKKey(hmacKey, JWEKeyStorage.KeyUse.SIGNATURE);
String encodedContent = jwe.encodeJwe(jweAlgorithmProvider, jweEncryptionProvider);
System.out.println("Encoded content: " + encodedContent);
System.out.println("Encoded content length: " + encodedContent.length());
jwe = new JWE();
jwe.getKeyStorage().setDecryptionKey(keyPair.getPrivate());
jwe.getKeyStorage().setCEKKey(aesKey, JWEKeyStorage.KeyUse.ENCRYPTION).setCEKKey(hmacKey, JWEKeyStorage.KeyUse.SIGNATURE);
jwe.verifyAndDecodeJwe(encodedContent, jweAlgorithmProvider, jweEncryptionProvider);
String decodedContent = new String(jwe.getContent(), StandardCharsets.UTF_8);
System.out.println("Decoded content: " + decodedContent);
System.out.println("Decoded content length: " + decodedContent.length());
Assert.assertEquals(PAYLOAD, decodedContent);
}
Aggregations