Package org.jose4j.jwx

Source Code of org.jose4j.jwx.KeyValidationSupport

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
package org.jose4j.jwx;

import org.jose4j.keys.AesKey;
import org.jose4j.lang.ByteUtil;
import org.jose4j.lang.InvalidKeyException;

import java.security.Key;
import java.security.interfaces.RSAKey;

/**
*/
public class KeyValidationSupport
{
    public static final int MIN_RSA_KEY_LENGTH = 2048;

    public static void checkRsaKeySize(RSAKey rsaKey) throws InvalidKeyException
    {
        if (rsaKey == null)
        {
            throw new InvalidKeyException("The RSA key must not be null.");
        }

        int size = rsaKey.getModulus().bitLength();
        if  (size < MIN_RSA_KEY_LENGTH)
        {
           throw new InvalidKeyException("An RSA key of size "+MIN_RSA_KEY_LENGTH+
               " bits or larger MUST be used with the all JOSE RSA algorithms (given key was only "+size+ " bits).");
        }
    }

    public static <K extends Key> K castKey(Key key, Class<K> type) throws InvalidKeyException
    {
        notNull(key);

        try
        {
            return type.cast(key);
        }
        catch (ClassCastException e)
        {
            throw new InvalidKeyException("Invalid key " + e);
        }
    }

    public static void notNull(Key key) throws InvalidKeyException
    {
        if (key == null)
        {
            throw new InvalidKeyException("The key must not be null.");
        }
    }

    public static void cekNotAllowed(byte[] cekOverride, String alg) throws InvalidKeyException
    {
        if (cekOverride != null)
        {
            throw new InvalidKeyException("An explicit content encryption key cannot be used with " + alg);
        }
    }

    public static void validateAesWrappingKey(Key managementKey, String joseAlg, int expectedKeyByteLength) throws InvalidKeyException
    {
        KeyValidationSupport.notNull(managementKey);

        String alg = managementKey.getAlgorithm();

        if (!AesKey.ALGORITHM.equals(alg))
        {
            throw new InvalidKeyException("Invalid key for JWE " + joseAlg + ", expected an "
                    + AesKey.ALGORITHM+ " key but an " + alg + " bit key was provided.");
        }

        int managementKeyByteLength = managementKey.getEncoded().length;
        if (managementKeyByteLength != expectedKeyByteLength)
        {
            throw new InvalidKeyException("Invalid key for JWE " + joseAlg + ", expected a "
                    + ByteUtil.bitLength(expectedKeyByteLength)+ " bit key but a "
                    + ByteUtil.bitLength(managementKeyByteLength) + " bit key was provided.");
        }
    }
}
TOP

Related Classes of org.jose4j.jwx.KeyValidationSupport

  • org.jose4j.lang.InvalidKeyException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.