Package com.nimbusds.jose.util

Examples of com.nimbusds.jose.util.Base64URL


    // Create signer from raw Java RSA key
    JWSObject jwsObject1 = new JWSObject(new JWSHeader(JWSAlgorithm.RS256), new Payload("test123"));
    JWSSigner signer = new RSASSASigner(rsaPrivateKey);
    jwsObject1.sign(signer);
    Base64URL sig1 = jwsObject1.getSignature();

    // Create signer from JWK representation
    RSAKey rsaJWK = new RSAKey.Builder(rsaPublicKey).privateKey(rsaPrivateKey).build();

    JWSObject jwsObject2 = new JWSObject(new JWSHeader(JWSAlgorithm.RS256), new Payload("test123"));
    signer = new RSASSASigner(rsaJWK.toRSAPrivateKey());
    jwsObject2.sign(signer);
    Base64URL sig2 = jwsObject2.getSignature();

    assertTrue("Signature comparison", sig1.equals(sig2));

    // Verifier from raw Java RSA key
    JWSVerifier verifier = new RSASSAVerifier(rsaPublicKey);
View Full Code Here


    if (enc.cekBitLength() != getKey().getEncoded().length * 8) {

      throw new JOSEException("The Content Encryption Key (CEK) length must be " + enc.cekBitLength() + " bits for " + enc + " encryption");
    }

    final Base64URL encryptedKey = null; // The second JWE part


    // Apply compression if instructed
    byte[] plainText = DeflateHelper.applyCompression(readOnlyJWEHeader, bytes);

View Full Code Here

    byte[] epu = null;

    if (header.getCustomParam("epu") instanceof String) {

      epu = new Base64URL((String)header.getCustomParam("epu")).decode();
    }

    byte[] epv = null;

    if (header.getCustomParam("epv") instanceof String) {

      epv = new Base64URL((String)header.getCustomParam("epv")).decode();
    }

    // Generate alternative CEK using concat-KDF
    SecretKey altCEK = ConcatKDF.generateCEK(secretKey, header.getEncryptionMethod(), epu, epv);
View Full Code Here

    byte[] epu = null;

    if (header.getCustomParam("epu") instanceof String) {

      epu = new Base64URL((String)header.getCustomParam("epu")).decode();
    }

    byte[] epv = null;

    if (header.getCustomParam("epv") instanceof String) {

      epv = new Base64URL((String)header.getCustomParam("epv")).decode();
    }

    SecretKey cekAlt = ConcatKDF.generateCEK(secretKey, header.getEncryptionMethod(), epu, epv);

    final byte[] plainText = AESCBC.decrypt(cekAlt, iv.decode(), cipherText.decode(), ceProvider);
View Full Code Here

   */
  public static OctetSequenceKey parse(final JSONObject jsonObject)
    throws ParseException {

    // Parse the mandatory parameters first
    Base64URL k = new Base64URL(JSONObjectUtils.getString(jsonObject, "k"));

    // Check key type
    KeyType kty = KeyType.parse(JSONObjectUtils.getString(jsonObject, "kty"));

    if (kty != KeyType.OCT) {

      throw new ParseException("The key type \"kty\" must be oct", 0);
    }

    // Get optional key use
    KeyUse use = null;

    if (jsonObject.containsKey("use")) {
      use = KeyUse.parse(JSONObjectUtils.getString(jsonObject, "use"));
    }

    // Get optional key operations
    Set<KeyOperation> ops = null;

    if (jsonObject.containsKey("key_ops")) {
      ops = KeyOperation.parse(JSONObjectUtils.getStringList(jsonObject, "key_ops"));
    }

    // Get optional intended algorithm
    Algorithm alg = null;

    if (jsonObject.containsKey("alg")) {
      alg = new Algorithm(JSONObjectUtils.getString(jsonObject, "alg"));
    }

    // Get optional key ID
    String kid = null;

    if (jsonObject.containsKey("kid")) {
      kid = JSONObjectUtils.getString(jsonObject, "kid");
    }

    // Get optional X.509 cert URL
    URL x5u = null;

    if (jsonObject.containsKey("x5u")) {
      x5u = JSONObjectUtils.getURL(jsonObject, "x5u")
    }

    // Get optional X.509 cert thumbprint
    Base64URL x5t = null;

    if (jsonObject.containsKey("x5t")) {
      x5t = new Base64URL(JSONObjectUtils.getString(jsonObject, "x5t"));
    }

    // Get optional X.509 cert chain
    List<Base64> x5c = null;

View Full Code Here

  public void testFullConstructorAndSerialization()
    throws Exception {

    URL x5u = new URL("http://example.com/jwk.json");
    Base64URL x5t = new Base64URL("abc");
    List<Base64> x5c = new LinkedList<>();
    x5c.add(new Base64("def"));

    RSAKey key = new RSAKey(new Base64URL(n), new Base64URL(e), new Base64URL(d),
                      new Base64URL(p), new Base64URL(q),
                      new Base64URL(dp), new Base64URL(dq), new Base64URL(qi),
                      null,
                      KeyUse.SIGNATURE, null, JWSAlgorithm.RS256, "1",
                      x5u, x5t, x5c);
   
    // Test getters
    assertEquals(KeyUse.SIGNATURE, key.getKeyUse());
    assertNull(key.getKeyOperations());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());
    assertEquals(x5u.toString(), key.getX509CertURL().toString());
    assertEquals(x5t.toString(), key.getX509CertThumbprint().toString());
    assertEquals(x5c.size(), key.getX509CertChain().size());

    assertEquals(new Base64URL(n), key.getModulus());
    assertEquals(new Base64URL(e), key.getPublicExponent());

    assertEquals(new Base64URL(d), key.getPrivateExponent());

    assertEquals(new Base64URL(p), key.getFirstPrimeFactor());
    assertEquals(new Base64URL(q), key.getSecondPrimeFactor());

    assertEquals(new Base64URL(dp), key.getFirstFactorCRTExponent());
    assertEquals(new Base64URL(dq), key.getSecondFactorCRTExponent());

    assertEquals(new Base64URL(qi), key.getFirstCRTCoefficient());

    assertTrue(key.getOtherPrimes().isEmpty());

    assertTrue(key.isPrivate());


    String jwkString = key.toJSONObject().toString();

    key = RSAKey.parse(jwkString);

    // Test getters
    assertEquals(KeyUse.SIGNATURE, key.getKeyUse());
    assertNull(key.getKeyOperations());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());
    assertEquals(x5u.toString(), key.getX509CertURL().toString());
    assertEquals(x5t.toString(), key.getX509CertThumbprint().toString());
    assertEquals(x5c.size(), key.getX509CertChain().size());

    assertEquals(new Base64URL(n), key.getModulus());
    assertEquals(new Base64URL(e), key.getPublicExponent());

    assertEquals(new Base64URL(d), key.getPrivateExponent());

    assertEquals(new Base64URL(p), key.getFirstPrimeFactor());
    assertEquals(new Base64URL(q), key.getSecondPrimeFactor());

    assertEquals(new Base64URL(dp), key.getFirstFactorCRTExponent());
    assertEquals(new Base64URL(dq), key.getSecondFactorCRTExponent());

    assertEquals(new Base64URL(qi), key.getFirstCRTCoefficient());

    assertTrue(key.getOtherPrimes().isEmpty());

    assertTrue(key.isPrivate());
   

    // Test conversion to public JWK

    key = key.toPublicJWK();
    assertEquals(KeyUse.SIGNATURE, key.getKeyUse());
    assertNull(key.getKeyOperations());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());

    assertEquals(new Base64URL(n), key.getModulus());
    assertEquals(new Base64URL(e), key.getPublicExponent());

    assertNull(key.getPrivateExponent());

    assertNull(key.getFirstPrimeFactor());
    assertNull(key.getSecondPrimeFactor());
View Full Code Here

  public void testBase64Builder()
    throws Exception {

    URL x5u = new URL("http://example.com/jwk.json");
    Base64URL x5t = new Base64URL("abc");
    List<Base64> x5c = new LinkedList<>();
    x5c.add(new Base64("def"));

    RSAKey key = new RSAKey.Builder(new Base64URL(n), new Base64URL(e)).
      privateExponent(new Base64URL(d)).
      firstPrimeFactor(new Base64URL(p)).
      secondPrimeFactor(new Base64URL(q)).
      firstFactorCRTExponent(new Base64URL(dp)).
      secondFactorCRTExponent(new Base64URL(dq)).
      firstCRTCoefficient(new Base64URL(qi)).
      keyUse(KeyUse.SIGNATURE).
      algorithm(JWSAlgorithm.RS256).
      keyID("1").
      x509CertURL(x5u).
      x509CertThumbprint(x5t).
      x509CertChain(x5c).
      build();

    // Test getters
    assertEquals(KeyUse.SIGNATURE, key.getKeyUse());
    assertNull(key.getKeyOperations());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());
    assertEquals(x5u.toString(), key.getX509CertURL().toString());
    assertEquals(x5t.toString(), key.getX509CertThumbprint().toString());
    assertEquals(x5c.size(), key.getX509CertChain().size());

    assertEquals(new Base64URL(n), key.getModulus());
    assertEquals(new Base64URL(e), key.getPublicExponent());

    assertEquals(new Base64URL(d), key.getPrivateExponent());

    assertEquals(new Base64URL(p), key.getFirstPrimeFactor());
    assertEquals(new Base64URL(q), key.getSecondPrimeFactor());

    assertEquals(new Base64URL(dp), key.getFirstFactorCRTExponent());
    assertEquals(new Base64URL(dq), key.getSecondFactorCRTExponent());

    assertEquals(new Base64URL(qi), key.getFirstCRTCoefficient());

    assertTrue(key.getOtherPrimes().isEmpty());

    assertTrue(key.isPrivate());


    String jwkString = key.toJSONObject().toString();

    key = RSAKey.parse(jwkString);

    // Test getters
    assertEquals(KeyUse.SIGNATURE, key.getKeyUse());
    assertNull(key.getKeyOperations());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());
    assertEquals(x5u.toString(), key.getX509CertURL().toString());
    assertEquals(x5t.toString(), key.getX509CertThumbprint().toString());
    assertEquals(x5c.size(), key.getX509CertChain().size());

    assertEquals(new Base64URL(n), key.getModulus());
    assertEquals(new Base64URL(e), key.getPublicExponent());

    assertEquals(new Base64URL(d), key.getPrivateExponent());

    assertEquals(new Base64URL(p), key.getFirstPrimeFactor());
    assertEquals(new Base64URL(q), key.getSecondPrimeFactor());

    assertEquals(new Base64URL(dp), key.getFirstFactorCRTExponent());
    assertEquals(new Base64URL(dq), key.getSecondFactorCRTExponent());

    assertEquals(new Base64URL(qi), key.getFirstCRTCoefficient());

    assertTrue(key.getOtherPrimes().isEmpty());

    assertTrue(key.isPrivate());
  }
View Full Code Here

  public void testObjectBuilder()
    throws Exception {

    URL x5u = new URL("http://example.com/jwk.json");
    Base64URL x5t = new Base64URL("abc");
    List<Base64> x5c = new LinkedList<>();
    x5c.add(new Base64("def"));

    Set<KeyOperation> ops = new LinkedHashSet<>(Arrays.asList(KeyOperation.SIGN, KeyOperation.VERIFY));

    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
    keyGen.initialize(512);
    KeyPair keyPair = keyGen.genKeyPair();
    RSAPublicKey publicKey = (RSAPublicKey)keyPair.getPublic();
    RSAPrivateKey privateKey = (RSAPrivateKey)keyPair.getPrivate();

    RSAKey key = new RSAKey.Builder(publicKey).
      privateKey(privateKey).
      keyUse(null).
      keyOperations(ops).
      algorithm(JWSAlgorithm.RS256).
      keyID("1").
      x509CertURL(x5u).
      x509CertThumbprint(x5t).
      x509CertChain(x5c).
      build();

    // Test getters
    assertNull(key.getKeyUse());
    assertTrue(key.getKeyOperations().contains(KeyOperation.SIGN));
    assertTrue(key.getKeyOperations().contains(KeyOperation.VERIFY));
    assertEquals(2, key.getKeyOperations().size());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());
    assertEquals(x5u.toString(), key.getX509CertURL().toString());
    assertEquals(x5t.toString(), key.getX509CertThumbprint().toString());
    assertEquals(x5c.size(), key.getX509CertChain().size());

    assertTrue(publicKey.getModulus().equals(key.getModulus().decodeToBigInteger()));
    assertTrue(publicKey.getPublicExponent().equals(key.getPublicExponent().decodeToBigInteger()));

    assertTrue(privateKey.getPrivateExponent().equals(key.getPrivateExponent().decodeToBigInteger()));

    assertTrue(key.getOtherPrimes().isEmpty());

    assertTrue(key.isPrivate());


    String jwkString = key.toJSONObject().toString();

    key = RSAKey.parse(jwkString);

    // Test getters
    assertNull(key.getKeyUse());
    assertTrue(key.getKeyOperations().contains(KeyOperation.SIGN));
    assertTrue(key.getKeyOperations().contains(KeyOperation.VERIFY));
    assertEquals(2, key.getKeyOperations().size());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());
    assertEquals(x5u.toString(), key.getX509CertURL().toString());
    assertEquals(x5t.toString(), key.getX509CertThumbprint().toString());
    assertEquals(x5c.size(), key.getX509CertChain().size());

    assertTrue(publicKey.getModulus().equals(key.getModulus().decodeToBigInteger()));
    assertTrue(publicKey.getPublicExponent().equals(key.getPublicExponent().decodeToBigInteger()));
View Full Code Here

  public void testPublicKeyExportAndImport()
    throws Exception {


    RSAKey key = new RSAKey(new Base64URL(n), new Base64URL(e),
                      null, null, null, null,
                      null, null, null);

    // Public key export
    RSAPublicKey pubKey = key.toRSAPublicKey();
    assertEquals(new Base64URL(n).decodeToBigInteger(), pubKey.getModulus());
    assertEquals(new Base64URL(e).decodeToBigInteger(), pubKey.getPublicExponent());
    assertEquals("RSA", pubKey.getAlgorithm());


    // Public key import
    key = new RSAKey(pubKey, null, null, null, null, null, null, null);
    assertEquals(new Base64URL(n), key.getModulus());
    assertEquals(new Base64URL(e), key.getPublicExponent());
  }
View Full Code Here


  public void testPrivateKeyExportAndImport()
    throws Exception {

    RSAKey key = new RSAKey(new Base64URL(n), new Base64URL(e), new Base64URL(d),
                      new Base64URL(p), new Base64URL(q),
                      new Base64URL(dp), new Base64URL(dq), new Base64URL(qi),
                      null,
                      KeyUse.SIGNATURE, null, JWSAlgorithm.RS256, "1",
                      null, null, null);

    // Private key export with CRT (2nd form)
    RSAPrivateKey privKey = key.toRSAPrivateKey();
    assertEquals(new Base64URL(n).decodeToBigInteger(), privKey.getModulus());
    assertEquals(new Base64URL(d).decodeToBigInteger(), privKey.getPrivateExponent());

    assertTrue(privKey instanceof RSAPrivateCrtKey);
    RSAPrivateCrtKey privCrtKey = (RSAPrivateCrtKey)privKey;
    assertEquals(new Base64URL(e).decodeToBigInteger(), privCrtKey.getPublicExponent());
    assertEquals(new Base64URL(p).decodeToBigInteger(), privCrtKey.getPrimeP());
    assertEquals(new Base64URL(q).decodeToBigInteger(), privCrtKey.getPrimeQ());
    assertEquals(new Base64URL(dp).decodeToBigInteger(), privCrtKey.getPrimeExponentP());
    assertEquals(new Base64URL(dq).decodeToBigInteger(), privCrtKey.getPrimeExponentQ());
    assertEquals(new Base64URL(qi).decodeToBigInteger(), privCrtKey.getCrtCoefficient());


    // Key pair export
    KeyPair pair = key.toKeyPair();

    RSAPublicKey pubKey = (RSAPublicKey)pair.getPublic();
    assertEquals(new Base64URL(n).decodeToBigInteger(), pubKey.getModulus());
    assertEquals(new Base64URL(e).decodeToBigInteger(), pubKey.getPublicExponent());
    assertEquals("RSA", pubKey.getAlgorithm());

    privKey = (RSAPrivateKey)pair.getPrivate();
    assertEquals(new Base64URL(n).decodeToBigInteger(), privKey.getModulus());
    assertEquals(new Base64URL(d).decodeToBigInteger(), privKey.getPrivateExponent());

    assertTrue(privKey instanceof RSAPrivateCrtKey);
    privCrtKey = (RSAPrivateCrtKey)privKey;
    assertEquals(new Base64URL(e).decodeToBigInteger(), privCrtKey.getPublicExponent());
    assertEquals(new Base64URL(p).decodeToBigInteger(), privCrtKey.getPrimeP());
    assertEquals(new Base64URL(q).decodeToBigInteger(), privCrtKey.getPrimeQ());
    assertEquals(new Base64URL(dp).decodeToBigInteger(), privCrtKey.getPrimeExponentP());
    assertEquals(new Base64URL(dq).decodeToBigInteger(), privCrtKey.getPrimeExponentQ());
    assertEquals(new Base64URL(qi).decodeToBigInteger(), privCrtKey.getCrtCoefficient());


    // Key pair import, 1st private form
    key = new RSAKey(pubKey, privKey, KeyUse.SIGNATURE, null, JWSAlgorithm.RS256, "1", null, null, null);
    assertEquals(KeyUse.SIGNATURE, key.getKeyUse());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());

    assertEquals(new Base64URL(n), key.getModulus());
    assertEquals(new Base64URL(e), key.getPublicExponent());

    assertEquals(new Base64URL(d), key.getPrivateExponent());

    assertNull(key.getFirstPrimeFactor());
    assertNull(key.getSecondPrimeFactor());

    assertNull(key.getFirstFactorCRTExponent());
    assertNull(key.getSecondFactorCRTExponent());

    assertNull(key.getFirstCRTCoefficient());

    assertTrue(key.getOtherPrimes().isEmpty());

    assertTrue(key.isPrivate());


    // Key pair import, 2nd private form
    key = new RSAKey(pubKey, privCrtKey, KeyUse.SIGNATURE, null, JWSAlgorithm.RS256, "1", null, null, null);
    assertEquals(KeyUse.SIGNATURE, key.getKeyUse());
    assertEquals(JWSAlgorithm.RS256, key.getAlgorithm());
    assertEquals("1", key.getKeyID());

    assertEquals(new Base64URL(n), key.getModulus());
    assertEquals(new Base64URL(e), key.getPublicExponent());

    assertEquals(new Base64URL(d), key.getPrivateExponent());

    assertEquals(new Base64URL(p), key.getFirstPrimeFactor());
    assertEquals(new Base64URL(q), key.getSecondPrimeFactor());

    assertEquals(new Base64URL(dp), key.getFirstFactorCRTExponent());
    assertEquals(new Base64URL(dq), key.getSecondFactorCRTExponent());

    assertEquals(new Base64URL(qi), key.getFirstCRTCoefficient());

    assertTrue(key.getOtherPrimes().isEmpty());

    assertTrue(key.isPrivate());
  }
View Full Code Here

TOP

Related Classes of com.nimbusds.jose.util.Base64URL

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.