use of org.webpki.json.JSONObjectReader in project openkeystore by cyberphone.
the class CborEncryption method readJwk.
/**
 * Loads the key pair for {@code keyType} from its private-key JWK file.
 *
 * <p>Side effect: the JWK's "kid" value is stored in the shared {@code keyId}
 * field, so {@code keyId} always reflects the most recent call.
 *
 * <p>The file read here holds private key material. That is acceptable for
 * test vectors, but this loading pattern should not be reused for production keys.
 *
 * @param keyType prefix selecting which "privatekey.jwk" file under {@code baseKey} is read
 * @return the key pair decoded from the JWK
 * @throws Exception if the file cannot be read or parsed, or the JWK cannot be decoded
 */
static KeyPair readJwk(String keyType) throws Exception {
    final String jwkPath = baseKey + keyType + "privatekey.jwk";
    final JSONObjectReader jwk = JSONParser.parse(ArrayUtil.readFile(jwkPath));
    // "kid" has no meaning in JSF or JEF, so the built-in JWK decoder rejects it.
    // Capture the value first, then strip it before decoding the key pair.
    final String kid = jwk.getString("kid");
    keyId = new CBORTextString(kid);
    jwk.removeProperty("kid");
    return jwk.getKeyPair();
}
use of org.webpki.json.JSONObjectReader in project openkeystore by cyberphone.
the class JsonEncryption method optionalUpdate.
/**
 * Writes a freshly generated encryption object to its sample file, unless the stored
 * file is already effectively the same.
 *
 * <p>The new object is first decrypted and compared with {@code dataToBeEncrypted};
 * a mismatch aborts before anything is written. If a stored file exists, still
 * decrypts to the expected plaintext, and equals the new object after
 * {@code cleanEncryption}, the file is left untouched. In every other case the file
 * is (over)written with {@code encryptedData}.
 *
 * @param baseName      file name relative to {@code baseEncryption}
 * @param encryptedData serialized encryption object to store
 * @param decrypter     callback used to decrypt both the new and the stored object
 * @throws Exception if the new object fails the round-trip check or I/O fails
 */
static void optionalUpdate(String baseName, byte[] encryptedData, LocalDecrypt decrypter) throws Exception {
    final String targetPath = baseEncryption + baseName;
    final JSONObjectReader candidate = JSONParser.parse(encryptedData);

    // Round-trip self-check: never store an object we cannot decrypt back ourselves.
    final byte[] recovered = decrypter.decrypt(candidate);
    if (!ArrayUtil.compare(recovered, dataToBeEncrypted)) {
        throw new IOException("Decrypt err:" + baseName);
    }

    boolean previousReadable = true;
    JSONObjectReader stored = null;
    try {
        stored = JSONParser.parse(ArrayUtil.readFile(targetPath));
    } catch (Exception unreadable) {
        // Treated as "no previous file". NOTE(review): this also covers a file that
        // exists but is unreadable or not valid JSON; it is then silently replaced.
        previousReadable = false;
    }

    if (previousReadable) {
        try {
            boolean sameContent = ArrayUtil.compare(decrypter.decrypt(stored), dataToBeEncrypted)
                    && cleanEncryption(candidate).equals(cleanEncryption(stored));
            if (sameContent) {
                // Old and new are effectively identical; keep the existing file.
                return;
            }
        } catch (Exception ignored) {
            // Deliberate best effort: a stored object that can no longer be decrypted
            // or compared is simply regenerated below.
        }
        System.out.println("UPDATED: " + baseName);
    }
    ArrayUtil.writeFile(targetPath, encryptedData);
}
use of org.webpki.json.JSONObjectReader in project openkeystore by cyberphone.
the class JsonEncryption method coreAsymEnc.
/**
 * Creates one asymmetric-key encryption sample and hands it to {@code optionalUpdate}.
 *
 * <p>Key encryption algorithm selection:
 * <ul>
 *   <li>RSA public key: {@code RSA_OAEP_256}, except that {@code A128GCM} content
 *       encryption is paired with {@code RSA_OAEP}.</li>
 *   <li>Any other key: an ECDH-ES variant chosen from the content key length
 *       (16 selects A128KW, 32 selects A256KW, anything else plain ECDH-ES).</li>
 * </ul>
 * NOTE(review): if {@code RSA_OAEP} maps to JOSE "RSA-OAEP", that is OAEP with the
 * SHA-1 defaults. It is useful for interoperability test vectors, but
 * {@code RSA_OAEP_256} is the better choice for new deployments. Confirm against the
 * enum definition.
 *
 * <p>The decryption {@code options} mirror what the encrypter emits: a public key is
 * forbidden when none was requested, and a key id is required when one was set. The
 * round-trip check in {@code optionalUpdate} therefore also exercises those policy
 * checks.
 *
 * @param keyType                    key file prefix passed to {@code readJwk}
 * @param fileSuffix                 trailing part of the generated sample file name
 * @param contentEncryptionAlgorithm content encryption algorithm for the sample
 * @param wantKeyId                  whether the sample carries a key id
 * @param wantPublicKey              whether the sample embeds the public key
 * @param extensionHolder            permitted extensions for decryption, or {@code null} for none
 * @param extensions                 extension data to emit, used only when {@code extensionHolder} is non-null
 * @throws Exception on key loading, encryption, verification or I/O failure
 */
static void coreAsymEnc(String keyType, String fileSuffix, ContentEncryptionAlgorithms contentEncryptionAlgorithm, boolean wantKeyId, boolean wantPublicKey, JSONCryptoHelper.ExtensionHolder extensionHolder, JSONObjectWriter extensions) throws Exception {
    final KeyPair keyPair = readJwk(keyType);

    KeyEncryptionAlgorithms keyEncryptionAlgorithm;
    if (keyPair.getPublic() instanceof RSAKey) {
        keyEncryptionAlgorithm = contentEncryptionAlgorithm == ContentEncryptionAlgorithms.A128GCM
                ? KeyEncryptionAlgorithms.RSA_OAEP
                : KeyEncryptionAlgorithms.RSA_OAEP_256;
    } else {
        final int contentKeyLength = contentEncryptionAlgorithm.getKeyLength();
        if (contentKeyLength == 16) {
            keyEncryptionAlgorithm = KeyEncryptionAlgorithms.ECDH_ES_A128KW;
        } else if (contentKeyLength == 32) {
            keyEncryptionAlgorithm = KeyEncryptionAlgorithms.ECDH_ES_A256KW;
        } else {
            keyEncryptionAlgorithm = KeyEncryptionAlgorithms.ECDH_ES;
        }
    }

    final JSONAsymKeyEncrypter encrypter = new JSONAsymKeyEncrypter(keyPair.getPublic(), keyEncryptionAlgorithm);
    final JSONCryptoHelper.Options options = new JSONCryptoHelper.Options();

    // Extensions are emitted only when the decrypting side is told to permit them.
    if (extensionHolder != null) {
        options.setPermittedExtensions(extensionHolder);
        encrypter.setExtensions(extensions);
    }

    // Keep encrypter output and decrypter policy in lock-step.
    encrypter.setOutputPublicKeyInfo(wantPublicKey);
    if (!wantPublicKey) {
        options.setPublicKeyOption(JSONCryptoHelper.PUBLIC_KEY_OPTIONS.FORBIDDEN);
    }
    if (wantKeyId) {
        encrypter.setKeyId(keyId);
        options.setKeyIdOption(JSONCryptoHelper.KEY_ID_OPTIONS.REQUIRED);
    }

    final byte[] encryptedData = JSONObjectWriter
            .createEncryptionObject(dataToBeEncrypted, contentEncryptionAlgorithm, encrypter)
            .serializeToBytes(JSONOutputFormats.PRETTY_PRINT);

    final String sampleName = keyType
            + "#" + keyEncryptionAlgorithm.getJoseAlgorithmId().toLowerCase()
            + "@" + contentEncryptionAlgorithm.getJoseAlgorithmId().toLowerCase()
            + "@" + fileSuffix;

    // The callback decrypts with the private half of the same key pair, under the
    // policy options assembled above.
    final LocalDecrypt roundTripDecrypter = new LocalDecrypt() {
        @Override
        public byte[] decrypt(JSONObjectReader reader) throws Exception {
            return reader.getEncryptionObject(options).getDecryptedData(keyPair.getPrivate());
        }
    };
    optionalUpdate(sampleName, encryptedData, roundTripDecrypter);
}
use of org.webpki.json.JSONObjectReader in project openkeystore by cyberphone.
the class AuthenticationRequestDecoder method readServerRequest.
// ///////////////////////////////////////////////////////////////////////////////////////////
// JSON Reader
// ///////////////////////////////////////////////////////////////////////////////////////////
/**
 * Populates this decoder from the JSON form of a server authentication request.
 *
 * <p>The input originates from the remote server and is treated as untrusted:
 * duplicate client features and duplicate signature algorithms are reported through
 * {@code bad(...)}, as are algorithm ids that have no digest algorithm.
 *
 * @param rd reader positioned on the request object
 * @throws IOException if a property is missing, malformed or rejected
 */
@Override
void readServerRequest(JSONObjectReader rd) throws IOException {
    // ---- Top-level properties ----
    id = InputValidator.getID(rd, ID_JSON);
    serverTime = rd.getDateTime(SERVER_TIME_JSON, ISODateTime.UTC_NO_SUBSECONDS);
    languages = InputValidator.getListConditional(rd, PREFERRED_LANGUAGES_JSON);
    keyContainerList = KeyContainerTypes.getOptionalKeyContainerSet(
            InputValidator.getListConditional(rd, KeyContainerTypes.KCT_TARGET_KEY_CONTAINERS));
    extendedCertPath = rd.getBooleanConditional(EXTENDED_CERT_PATH_JSON);

    // An absent "expires" means no timeout (and no associated GUI); stored as -1.
    // NOTE(review): a supplied value is not range-checked in this method.
    if (rd.hasProperty(EXPIRES_JSON)) {
        expires = rd.getInt(EXPIRES_JSON);
    } else {
        expires = -1;
    }

    // ---- Optional client features [0..1] ----
    String[] featureUris = InputValidator.getURIListConditional(rd, CLIENT_FEATURES_JSON);
    if (featureUris != null) {
        for (String featureUri : featureUris) {
            boolean firstOccurrence = clientFeatures.add(featureUri);
            if (!firstOccurrence) {
                bad("Duplicate \"" + CLIENT_FEATURES_JSON + "\" :" + featureUri);
            }
        }
    }

    // ---- Signature algorithms (the list must be non-empty) ----
    for (String algorithmId : InputValidator.getNonEmptyList(rd, SIGNATURE_ALGORITHMS_JSON)) {
        AsymSignatureAlgorithms algorithm =
                AsymSignatureAlgorithms.getAlgorithmFromId(algorithmId, AlgorithmPreferences.JOSE_ACCEPT_PREFER);
        if (!algorithms.add(algorithm)) {
            bad("Duplicate \"" + SIGNATURE_ALGORITHMS_JSON + "\" : " + algorithmId);
        }
        // Algorithms without a digest are not accepted for this request.
        if (algorithm.getDigestAlgorithm() == null) {
            bad("Not a proper signature algorithm: " + algorithmId);
        }
    }

    // ---- Optional certificate filters ----
    for (JSONObjectReader filterObject : InputValidator.getObjectArrayConditional(rd, CERTIFICATE_FILTERS_JSON)) {
        certificateFilters.add(CertificateFilterReader.read(filterObject));
    }
}
use of org.webpki.json.JSONObjectReader in project openkeystore by cyberphone.
the class CBORTest method readJwk.
/**
 * Reads the private-key JWK for {@code keyType} and returns it as a key pair.
 *
 * <p>As a side effect the JWK's "kid" is stored in the shared {@code keyId} field,
 * which is overwritten on every call.
 *
 * <p>The JWK file contains private key material; it is meant for test fixtures only.
 *
 * @param keyType prefix selecting which "privatekey.jwk" file under {@code baseKey} is read
 * @return the decoded key pair
 * @throws Exception if reading, parsing or key decoding fails
 */
static KeyPair readJwk(String keyType) throws Exception {
    final byte[] jwkBytes = ArrayUtil.readFile(baseKey + keyType + "privatekey.jwk");
    final JSONObjectReader jwkObject = JSONParser.parse(jwkBytes);
    // The built-in JWK decoder rejects "kid" (it has no meaning in JSF or JEF),
    // so remember the value and remove the property before decoding.
    keyId = new CBORTextString(jwkObject.getString("kid"));
    jwkObject.removeProperty("kid");
    final KeyPair decoded = jwkObject.getKeyPair();
    return decoded;
}