Search in sources :

Example 11 with ECDSAPublicKey

use of org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey in project oxAuth by GluuFederation.

the class Certificate method getPublicKey.

public PublicKey getPublicKey() {
    PublicKey publicKey = null;
    if (x509Certificate != null && x509Certificate.getPublicKey() instanceof BCRSAPublicKey) {
        BCRSAPublicKey jcersaPublicKey = (BCRSAPublicKey) x509Certificate.getPublicKey();
        publicKey = new RSAPublicKey(jcersaPublicKey.getModulus(), jcersaPublicKey.getPublicExponent());
    } else if (x509Certificate != null && x509Certificate.getPublicKey() instanceof BCECPublicKey) {
        BCECPublicKey jceecPublicKey = (BCECPublicKey) x509Certificate.getPublicKey();
        publicKey = new ECDSAPublicKey(signatureAlgorithm, jceecPublicKey.getQ().getX().toBigInteger(), jceecPublicKey.getQ().getY().toBigInteger());
    }
    return publicKey;
}
Also used : RSAPublicKey(org.xdi.oxauth.model.crypto.signature.RSAPublicKey) BCRSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey) BCECPublicKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey) RSAPublicKey(org.xdi.oxauth.model.crypto.signature.RSAPublicKey) BCRSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey) ECDSAPublicKey(org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey) BCECPublicKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey) BCRSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey) ECDSAPublicKey(org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey)

Example 12 with ECDSAPublicKey

use of org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey in project oxAuth by GluuFederation.

the class SignatureTest method generateES384Keys.

@Test
public void generateES384Keys() throws Exception {
    showTitle("TEST: generateES384Keys");
    KeyFactory<ECDSAPrivateKey, ECDSAPublicKey> keyFactory = new ECDSAKeyFactory(SignatureAlgorithm.ES384, "CN=Test CA Certificate");
    Key<ECDSAPrivateKey, ECDSAPublicKey> key = keyFactory.getKey();
    ECDSAPrivateKey privateKey = key.getPrivateKey();
    ECDSAPublicKey publicKey = key.getPublicKey();
    Certificate certificate = key.getCertificate();
    System.out.println(key);
    String signingInput = "Hello World!";
    ECDSASigner ecdsaSigner1 = new ECDSASigner(SignatureAlgorithm.ES384, privateKey);
    String signature = ecdsaSigner1.generateSignature(signingInput);
    ECDSASigner ecdsaSigner2 = new ECDSASigner(SignatureAlgorithm.ES384, publicKey);
    assertTrue(ecdsaSigner2.validateSignature(signingInput, signature));
    ECDSASigner ecdsaSigner3 = new ECDSASigner(SignatureAlgorithm.ES384, certificate);
    assertTrue(ecdsaSigner3.validateSignature(signingInput, signature));
}
Also used : ECDSAKeyFactory(org.xdi.oxauth.model.crypto.signature.ECDSAKeyFactory) ECDSASigner(org.xdi.oxauth.model.jws.ECDSASigner) ECDSAPrivateKey(org.xdi.oxauth.model.crypto.signature.ECDSAPrivateKey) ECDSAPublicKey(org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey) Certificate(org.xdi.oxauth.model.crypto.Certificate) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 13 with ECDSAPublicKey

use of org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey in project oxAuth by GluuFederation.

the class SignatureTest method generateES256Keys.

@Test
public void generateES256Keys() throws Exception {
    showTitle("TEST: generateES256Keys");
    KeyFactory<ECDSAPrivateKey, ECDSAPublicKey> keyFactory = new ECDSAKeyFactory(SignatureAlgorithm.ES256, "CN=Test CA Certificate");
    Key<ECDSAPrivateKey, ECDSAPublicKey> key = keyFactory.getKey();
    ECDSAPrivateKey privateKey = key.getPrivateKey();
    ECDSAPublicKey publicKey = key.getPublicKey();
    Certificate certificate = key.getCertificate();
    System.out.println(key);
    String signingInput = "Hello World!";
    ECDSASigner ecdsaSigner1 = new ECDSASigner(SignatureAlgorithm.ES256, privateKey);
    String signature = ecdsaSigner1.generateSignature(signingInput);
    ECDSASigner ecdsaSigner2 = new ECDSASigner(SignatureAlgorithm.ES256, publicKey);
    assertTrue(ecdsaSigner2.validateSignature(signingInput, signature));
    ECDSASigner ecdsaSigner3 = new ECDSASigner(SignatureAlgorithm.ES256, certificate);
    assertTrue(ecdsaSigner3.validateSignature(signingInput, signature));
}
Also used : ECDSAKeyFactory(org.xdi.oxauth.model.crypto.signature.ECDSAKeyFactory) ECDSASigner(org.xdi.oxauth.model.jws.ECDSASigner) ECDSAPrivateKey(org.xdi.oxauth.model.crypto.signature.ECDSAPrivateKey) ECDSAPublicKey(org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey) Certificate(org.xdi.oxauth.model.crypto.Certificate) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 14 with ECDSAPublicKey

use of org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey in project oxAuth by GluuFederation.

the class ECDSASigner method validateSignature.

@Override
public boolean validateSignature(String signingInput, String signature) throws SignatureException {
    if (getSignatureAlgorithm() == null) {
        throw new SignatureException("The signature algorithm is null");
    }
    if (ecdsaPublicKey == null) {
        throw new SignatureException("The ECDSA public key is null");
    }
    if (signingInput == null) {
        throw new SignatureException("The signing input is null");
    }
    String algorithm;
    String curve;
    switch(getSignatureAlgorithm()) {
        case ES256:
            algorithm = "SHA256WITHECDSA";
            curve = "P-256";
            break;
        case ES384:
            algorithm = "SHA384WITHECDSA";
            curve = "P-384";
            break;
        case ES512:
            algorithm = "SHA512WITHECDSA";
            curve = "P-521";
            break;
        default:
            throw new SignatureException("Unsupported signature algorithm");
    }
    try {
        byte[] sigBytes = Base64Util.base64urldecode(signature);
        byte[] sigInBytes = signingInput.getBytes(Util.UTF8_STRING_ENCODING);
        ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(curve);
        BigInteger q = ((ECCurve.AbstractFp) ecSpec.getCurve()).getField().getCharacteristic();
        ECFieldElement xFieldElement = new ECFieldElement.Fp(q, ecdsaPublicKey.getX());
        ECFieldElement yFieldElement = new ECFieldElement.Fp(q, ecdsaPublicKey.getY());
        ECPoint pointQ = new ECPoint.Fp(ecSpec.getCurve(), xFieldElement, yFieldElement);
        ECPublicKeySpec publicKeySpec = new ECPublicKeySpec(pointQ, ecSpec);
        KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", "BC");
        PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);
        Signature sig = Signature.getInstance(algorithm, "BC");
        sig.initVerify(publicKey);
        sig.update(sigInBytes);
        return sig.verify(sigBytes);
    } catch (InvalidKeySpecException e) {
        throw new SignatureException(e);
    } catch (InvalidKeyException e) {
        throw new SignatureException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new SignatureException(e);
    } catch (NoSuchProviderException e) {
        throw new SignatureException(e);
    } catch (UnsupportedEncodingException e) {
        throw new SignatureException(e);
    } catch (Exception e) {
        throw new SignatureException(e);
    }
}
Also used : ECDSAPublicKey(org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ECPoint(org.bouncycastle.math.ec.ECPoint) ECPublicKeySpec(org.bouncycastle.jce.spec.ECPublicKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ECParameterSpec(org.bouncycastle.jce.spec.ECParameterSpec) ECCurve(org.bouncycastle.math.ec.ECCurve) BigInteger(java.math.BigInteger) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) ECFieldElement(org.bouncycastle.math.ec.ECFieldElement)

Aggregations

ECDSAPublicKey (org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey)14 Test (org.testng.annotations.Test)7 BaseTest (org.xdi.oxauth.BaseTest)7 ECDSASigner (org.xdi.oxauth.model.jws.ECDSASigner)7 Certificate (org.xdi.oxauth.model.crypto.Certificate)5 Parameters (org.testng.annotations.Parameters)4 ResponseType (org.xdi.oxauth.model.common.ResponseType)4 ECDSAKeyFactory (org.xdi.oxauth.model.crypto.signature.ECDSAKeyFactory)4 ECDSAPrivateKey (org.xdi.oxauth.model.crypto.signature.ECDSAPrivateKey)4 RSAPublicKey (org.xdi.oxauth.model.crypto.signature.RSAPublicKey)4 Jwt (org.xdi.oxauth.model.jwt.Jwt)4 PublicKey (org.xdi.oxauth.model.crypto.PublicKey)3 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 BigInteger (java.math.BigInteger)2 BCECPublicKey (org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey)2 JSONObject (org.codehaus.jettison.json.JSONObject)2 StringReader (java.io.StringReader)1 X509Certificate (java.security.cert.X509Certificate)1 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1 BCRSAPublicKey (org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey)1