use of org.xdi.oxauth.model.jwt.JwtClaims in project oxAuth by GluuFederation.
Class AbstractJweDecrypter, method decrypt.
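/**
 * Parses a JWE in compact serialization and decrypts its payload.
 *
 * <p>The input must consist of exactly five dot-separated segments, in this order: header,
 * encrypted key, initialization vector, ciphertext and integrity value (authentication tag).
 * The key-encryption and block-encryption algorithms are taken from the {@code alg} and
 * {@code enc} header claims of the token being processed and stored on this decrypter before
 * the key and ciphertext are decrypted.
 *
 * @param encryptedJwe the compact-serialized JWE; may be blank
 * @return the populated {@link Jwe} with header and claims set, or {@code null} when
 *     {@code encryptedJwe} is blank
 * @throws InvalidJweException if the token is not in five-segment form, or if an
 *     {@link InvalidJwtException} or {@link UnsupportedEncodingException} is raised while the
 *     token is being processed
 */
@Override
public Jwe decrypt(String encryptedJwe) throws InvalidJweException {
    try {
        // Blank input yields null instead of an exception; callers have to null-check the result.
        if (StringUtils.isBlank(encryptedJwe)) {
            return null;
        }

        // A negative limit keeps trailing empty segments. Without it, String.split drops them,
        // so a token followed by extra dots would still count as five parts and be accepted.
        String[] jweParts = encryptedJwe.split("\\.", -1);
        // The empty-tag check keeps rejecting inputs such as "a.b.c.d." that the plain split
        // used to reject by segment count.
        if (jweParts.length != 5 || jweParts[4].isEmpty()) {
            throw new InvalidJwtException("Invalid JWE format.");
        }

        String encodedHeader = jweParts[0];
        String encodedEncryptedKey = jweParts[1];
        String encodedInitializationVector = jweParts[2];
        String encodedCipherText = jweParts[3];
        String encodedIntegrityValue = jweParts[4];

        Jwe jwe = new Jwe();
        jwe.setEncodedHeader(encodedHeader);
        jwe.setEncodedEncryptedKey(encodedEncryptedKey);
        jwe.setEncodedInitializationVector(encodedInitializationVector);
        jwe.setEncodedCiphertext(encodedCipherText);
        jwe.setEncodedIntegrityValue(encodedIntegrityValue);
        jwe.setHeader(new JwtHeader(encodedHeader));

        // Both algorithms come from the token's own header, which at this point has not been
        // authenticated. NOTE(review): confirm that the concrete decrypter or its caller
        // restricts them to the algorithms expected for the sender.
        // They are assigned to members declared outside this method, so the decrypter carries
        // state from the last token it processed. NOTE(review): presumably an instance is not
        // shared between threads - confirm.
        keyEncryptionAlgorithm = KeyEncryptionAlgorithm.fromName(jwe.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
        blockEncryptionAlgorithm = BlockEncryptionAlgorithm.fromName(jwe.getHeader().getClaimAsString(JwtHeaderName.ENCRYPTION_METHOD));

        byte[] contentMasterKey = decryptEncryptionKey(encodedEncryptedKey);
        byte[] initializationVector = Base64Util.base64urldecode(encodedInitializationVector);
        byte[] authenticationTag = Base64Util.base64urldecode(encodedIntegrityValue);
        byte[] additionalAuthenticatedData = jwe.getAdditionalAuthenticatedData().getBytes(Util.UTF8_STRING_ENCODING);

        // The tag and the additional authenticated data are handed to decryptCipherText together
        // with the ciphertext; the integrity check itself is not visible in this method.
        String plainText = decryptCipherText(encodedCipherText, contentMasterKey, initializationVector, authenticationTag, additionalAuthenticatedData);
        jwe.setClaims(new JwtClaims(plainText));

        return jwe;
    } catch (InvalidJwtException e) {
        // Surface parsing failures under the JWE-specific exception type, keeping the cause.
        throw new InvalidJweException(e);
    } catch (UnsupportedEncodingException e) {
        throw new InvalidJweException(e);
    }
}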