Examples of org.jose4j.base64url.Base64Url

• org.jose4j.base64url.Base64Url

        ContentEncryptionKeys contentEncryptionKeys = wrappingKeyManagementAlgorithm.manageForEnc(managementKey, cekDesc, cekBytes);

        String encodedEncryptedKeyFromExample ="6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ";

        Base64Url u = new Base64Url();
        String encodedWrapped = u.base64UrlEncode(contentEncryptionKeys.getEncryptedKey());

        assertEquals(encodedEncryptedKeyFromExample, encodedWrapped);

        byte[] encryptedKey = u.base64UrlDecode(encodedEncryptedKeyFromExample);

        Key key = wrappingKeyManagementAlgorithm.manageForDecrypt(managementKey, encryptedKey, cekDesc, null);

        assertTrue(Arrays.equals(cekBytes, key.getEncoded()));
    }

        PublicKey pubKey = receiverJwk.getPublicKey();
        ContentEncryptionKeys contentEncryptionKeys = ecdhKeyAgreementAlgorithm.manageForEncrypt(pubKey, cekDesc, headers, ephemeralJwk);

        assertTrue(contentEncryptionKeys.getEncryptedKey().length == 0);
        Base64Url base64Url = new Base64Url();
        assertEquals("VqqN6vgjbSBcIijNcacQGg", base64Url.base64UrlEncode(contentEncryptionKeys.getContentEncryptionKey()));

        Headers receivedHeaders = new Headers();
        receivedHeaders.setFullHeaderAsJsonString(headers.getFullHeaderAsJsonString());

        Key key = ecdhKeyAgreementAlgorithm.manageForDecrypt(receiverJwk.getPrivateKey(), null, cekDesc, receivedHeaders);
        assertEquals("VqqN6vgjbSBcIijNcacQGg", base64Url.base64UrlEncode(key.getEncoded()));
    }

        Long iterationCount = headers.getLongHeaderValue(HeaderParameterNames.PBES2_ITERATION_COUNT);
        assertTrue(iterationCount >= MINIMUM_ITERAION_COUNT);

        String saltInputString = headers.getStringHeaderValue(HeaderParameterNames.PBES2_SALT_INPUT);
        Base64Url b = new Base64Url();
        byte[] saltInput = b.base64UrlDecode(saltInputString);
        assertTrue(saltInput.length >= MINIMUM_SALT_BYTE_LENGTH);
    }

                "1NJn8LE9XShH59_i8J0PH5ZZyNfGy2xGdULU7sHNF6Gp2vPLgNZ__deLKxGHZ7Pc" +
                "HALUzoOegEI-8E66jX2E4zyJKx-YxzZIItRzC5hlRirb6Y5Cl_p-ko3YvkkysZIF" +
                "NPccxRU7qve1WYPxqbb2Yw8kZqa2rMWI5ng8OtvzlV7elprCbuPhcCdZ6XDP0_F8" +
                "rkXds2vE4X-ncOIM8hAYHHi29NX0mcKiRaD0-D-ljQTP-cFPgwCp6X-nZZd9OHBv" +
                "-B3oWh2TbqmScqXMR4gp_A";
        Base64Url base64Url = new Base64Url();
        byte[] encryptedKey = base64Url.base64UrlDecode(encodedEncryptedKey);

        RsaKeyManagementAlgorithm.Rsa1_5 keyManagementAlgorithm = new RsaKeyManagementAlgorithm.Rsa1_5();
        PrivateKey privateKey = ExampleRsaJwksFromJwe.APPENDIX_A_2.getPrivateKey();
        ContentEncryptionAlgorithm contentEncryptionAlgorithm = new AesCbcHmacSha2ContentEncryptionAlgorithm.Aes128CbcHmacSha256();
        ContentEncryptionKeyDescriptor cekDesc = contentEncryptionAlgorithm.getContentEncryptionKeyDescriptor();

                byte[] iv = ByteUtil.convertUnsignedToSignedTwosComp(new int[]{227, 197, 117, 252, 2, 219, 233, 68, 180, 225, 77, 219});

                ContentEncryptionParts encryptionParts = aesGcmContentEncryptionAlg.encrypt(plainText, aad, cek, iv);

                Base64Url base64Url = new Base64Url();

                byte[] ciphertext = encryptionParts.getCiphertext();
                String encodedJweCiphertext = "5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A";
                assertThat(encodedJweCiphertext, equalTo(base64Url.base64UrlEncode(ciphertext)));

                byte[] authenticationTag = encryptionParts.getAuthenticationTag();
                String encodedAuthenticationTag = "XFBoMYUZodetZdvTiFvSkQ";
                assertThat(encodedAuthenticationTag, equalTo(base64Url.base64UrlEncode(authenticationTag)));

                ContentEncryptionParts parts = new ContentEncryptionParts(iv, ciphertext, authenticationTag);
                byte[] decrypted = aesGcmContentEncryptionAlg.decrypt(parts, aad, cek, null);
                assertArrayEquals(plainText, decrypted);
            }

        byte[] plainTextOctetsAsBytes = ByteUtil.convertUnsignedToSignedTwosComp(plainTextOctetsAsInts);

        String encodedHeader = "eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJwMnMiOiIyV0NUY0paMVJ2ZF9DSn" +
                "VKcmlwUTF3IiwicDJjIjo0MDk2LCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiY3R5Ijoi" +
                "andrK2pzb24ifQ";
        Base64Url base64url = new Base64Url();
        Headers headers = new Headers();
        headers.setFullHeaderAsJsonString(base64url.base64UrlDecodeToUtf8String(encodedHeader));

        PbkdfKey pbkdfKey = new PbkdfKey(PASSWORD);

        Pbes2HmacShaWithAesKeyWrapAlgorithm pbesAlg = new Pbes2HmacShaWithAesKeyWrapAlgorithm.HmacSha256Aes128();
        Key derivedKey = pbesAlg.deriveForEncrypt(pbkdfKey, headers);

        byte[] expectedDerived = ByteUtil.convertUnsignedToSignedTwosComp(new int[]{110, 171, 169, 92, 129, 92, 109, 117,
                                                                                        233, 242, 116, 233, 170, 14, 24, 75});
        assertArrayEquals(expectedDerived, derivedKey.getEncoded());

        // Generate a 256 bit random Content Encryption Key (CEK).  In this  example, the value is:
        byte[] exampleCek = ByteUtil.convertUnsignedToSignedTwosComp(new int[]{111, 27, 25, 52, 66, 29, 20, 78, 92, 176, 56, 240, 65, 208, 82,
                                        112, 161, 131, 36, 55, 202, 236, 185, 172, 129, 23, 153, 194, 195,
                                        48, 253, 182});

        WrappingKeyManagementAlgorithm keyWrap = new AesKeyWrapManagementAlgorithm.Aes128();
        ContentEncryptionKeyDescriptor cekDesc = new ContentEncryptionKeyDescriptor(exampleCek.length, AesKey.ALGORITHM);
        ContentEncryptionKeys contentEncryptionKeys = keyWrap.manageForEnc(derivedKey, cekDesc, exampleCek);
        byte[] contentEncryptionKey = contentEncryptionKeys.getContentEncryptionKey();
        assertArrayEquals(exampleCek, contentEncryptionKey);

        byte[] expectedEncryptedKey = ByteUtil.convertUnsignedToSignedTwosComp(new int[]{78, 186, 151, 59, 11, 141, 81, 240, 213, 245, 83, 211, 53, 188,
                                        134, 188, 66, 125, 36, 200, 222, 124, 5, 103, 249, 52, 117, 184, 140,
                                        81, 246, 158, 161, 177, 20, 33, 245, 57, 59, 4});

        byte[] encryptedKey = contentEncryptionKeys.getEncryptedKey();
        String encodedEncryptedKey = base64url.base64UrlEncode(encryptedKey);
        assertArrayEquals(expectedEncryptedKey, encryptedKey);

        String encodedIv = "Ye9j1qs22DmRSAddIh-VnA";
        byte[] iv = base64url.base64UrlDecode(encodedIv);

        AesCbcHmacSha2ContentEncryptionAlgorithm aes128CbcHmacSha256 = new AesCbcHmacSha2ContentEncryptionAlgorithm.Aes128CbcHmacSha256();
        byte[] aad = StringUtil.getBytesAscii(encodedHeader);
        ContentEncryptionParts contentEncryptionParts = aes128CbcHmacSha256.encrypt(plainTextOctetsAsBytes, aad, contentEncryptionKey, iv);
        byte[] authenticationTag = contentEncryptionParts.getAuthenticationTag();
        String encodedTag = base64url.base64UrlEncode(authenticationTag);
        byte[] ciphertext = contentEncryptionParts.getCiphertext();
        String encodedCiphertext = base64url.base64UrlEncode(ciphertext);

        String cs = CompactSerializer.serialize(encodedHeader, encodedEncryptedKey, encodedIv, encodedCiphertext, encodedTag);
        assertThat(CS, is(equalTo(cs)));
    }

                "ipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-StnImGyFDb" +
                "Sv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp5XnZAYpQdb76FdIKLaV" +
                "mqgfwX7XWRxv2322i-vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je8" +
                "1860ppamavo35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi" +
                "6UklfCpIMfIjf7iGdXKHzg";
        Base64Url base64Url = new Base64Url();
        byte[] encryptedKey = base64Url.base64UrlDecode(encodedEncryptedKey);

        RsaKeyManagementAlgorithm.RsaOaep keyManagementAlgorithm = new RsaKeyManagementAlgorithm.RsaOaep();
        PrivateKey privateKey = ExampleRsaJwksFromJwe.APPENDIX_A_1.getPrivateKey();
        ContentEncryptionKeyDescriptor cekDesc = new ContentEncryptionKeyDescriptor(32, AesKey.ALGORITHM);
        Key key = keyManagementAlgorithm.manageForDecrypt(privateKey, encryptedKey, cekDesc, null);

        byte[] iv = ByteUtil.convertUnsignedToSignedTwosComp(new int[]{3, 22, 60, 12, 43, 67, 104, 105, 108, 108, 105, 99, 111, 116, 104, 101});

        AesCbcHmacSha2ContentEncryptionAlgorithm.Aes128CbcHmacSha256 jweContentEncryptionAlg = new AesCbcHmacSha2ContentEncryptionAlgorithm.Aes128CbcHmacSha256();
        ContentEncryptionParts contentEncryptionParts = jweContentEncryptionAlg.encrypt(plainText, aad, contentEncryptionKeyBytes, iv);

        Base64Url base64Url = new Base64Url();

        byte[] ciphertext = contentEncryptionParts.getCiphertext();
        String encodedJweCiphertext = "KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY";
        assertEquals(encodedJweCiphertext, base64Url.base64UrlEncode(ciphertext));

        byte[] authenticationTag = contentEncryptionParts.getAuthenticationTag();
        String encodedAuthenticationTag = "9hH0vgRfYgPnAHOd8stkvw";
        assertEquals(encodedAuthenticationTag, base64Url.base64UrlEncode(authenticationTag));
    }

    public void testExampleDecryptFromJweAppendix2() throws JoseException
    {
        int[] ints = {4, 211, 31, 197, 84, 157, 252, 254, 11, 100, 157, 250, 63, 170, 106, 206, 107, 124, 212, 45, 111, 107, 9, 219, 200, 177, 0, 240, 143, 156, 44, 207};
        byte[] contentEncryptionKeyBytes = ByteUtil.convertUnsignedToSignedTwosComp(ints);

        Base64Url b = new Base64Url();

        byte[] header = StringUtil.getBytesUtf8("eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0");
        byte[] iv = b.base64UrlDecode("AxY8DCtDaGlsbGljb3RoZQ");
        byte[] ciphertext = b.base64UrlDecode("KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY");
        byte[] tag = b.base64UrlDecode("9hH0vgRfYgPnAHOd8stkvw");

        AesCbcHmacSha2ContentEncryptionAlgorithm.Aes128CbcHmacSha256 jweContentEncryptionAlg = new AesCbcHmacSha2ContentEncryptionAlgorithm.Aes128CbcHmacSha256();
        ContentEncryptionParts encryptionParts = new ContentEncryptionParts(iv, ciphertext, tag);
        byte[] plaintextBytes = jweContentEncryptionAlg.decrypt(encryptionParts, header, contentEncryptionKeyBytes, null);

        //  parameter."
        String keySpec = "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBCCAc9n4N7ZOr_tTu" +
                "_wAOmPKi4qTp5X3su6O3010hxmBYj9zI4u_0dm6UZa0LsjdfvcAET6vH3mEApvGKpDWrRsAA_nJhyQ20ca7Nn0Zvyiq54FfCAblGK7kuduF" +
                "BTPkxv9eOjiaeGp7V_f3qV1kxS_Il2LY7Tc5l2GSlW_-SzYKxgek";

        Base64Url base64Url = new Base64Url();
        byte[] bytes = base64Url.base64UrlDecode(keySpec);
        PublicKey ecPubKey = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(bytes));

        PublicJsonWebKey jwk = EllipticCurveJsonWebKey.Factory.newPublicJwk(ecPubKey);
        String jwkJson = jwk.toJson(PUBLIC_ONLY);
        Map<String,Object> parsed = JsonUtil.parseJson(jwkJson);