Package com.nimbusds.jose.crypto

Source Code of com.nimbusds.jose.crypto.RSA_OAEP

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
package com.nimbusds.jose.crypto;


import java.security.Provider;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import net.jcip.annotations.ThreadSafe;

import com.nimbusds.jose.JOSEException;


/**
* RSAES OAEP methods for Content Encryption Key (CEK) encryption and
* decryption. Uses the BouncyCastle.org provider. This class is thread-safe
*
* @author Vladimir Dzhuvinov
* @version $version$ (2014-01-24)
*/
@ThreadSafe
class RSA_OAEP {


  /**
   * Encrypts the specified Content Encryption Key (CEK).
   *
   * @param pub      The public RSA key. Must not be {@code null}.
   * @param cek      The Content Encryption Key (CEK) to encrypt. Must
   *                 not be {@code null}.
   * @param provider The JCA provider, or {@code null} to use the default
   *                 one.
   *
   * @return The encrypted Content Encryption Key (CEK).
   *
   * @throws JOSEException If encryption failed.
   */
  public static byte[] encryptCEK(final RSAPublicKey pub, final SecretKey cek, final Provider provider)
    throws JOSEException {

    try {
      Cipher cipher = CipherHelper.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding", provider);
      cipher.init(Cipher.ENCRYPT_MODE, pub, new SecureRandom());
      return cipher.doFinal(cek.getEncoded());

    } catch (Exception e) {
      // java.security.NoSuchAlgorithmException
      // java.security.NoSuchPaddingException
      // java.security.InvalidKeyException
      // javax.crypto.IllegalBlockSizeException
      // javax.crypto.BadPaddingException
      throw new JOSEException(e.getMessage(), e);
    }
  }

 
  /**
   * Decrypts the specified encrypted Content Encryption Key (CEK).
   *
   * @param priv         The private RSA key. Must not be {@code null}.
   * @param encryptedCEK The encrypted Content Encryption Key (CEK) to
   *                     decrypt. Must not be {@code null}.
   * @param provider     The JCA provider, or {@code null} to use the
   *                     default one.
   *
   * @return The decrypted Content Encryption Key (CEK).
   *
   * @throws JOSEException If decryption failed.
   */
  public static SecretKey decryptCEK(final RSAPrivateKey priv,
                               final byte[] encryptedCEK, final Provider provider)
    throws JOSEException {

    try {
      Cipher cipher = CipherHelper.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding", provider);
      cipher.init(Cipher.DECRYPT_MODE, priv);
      return new SecretKeySpec(cipher.doFinal(encryptedCEK), "AES");

    } catch (Exception e) {
      // java.security.NoSuchAlgorithmException
      // java.security.NoSuchPaddingException
      // java.security.InvalidKeyException
      // javax.crypto.IllegalBlockSizeException
      // javax.crypto.BadPaddingException
      throw new JOSEException(e.getMessage(), e);
    }
  }


  /**
   * Prevents public instantiation.
   */
  private RSA_OAEP() { }
}
TOP

Related Classes of com.nimbusds.jose.crypto.RSA_OAEP

  • javax.crypto.spec.SecretKeySpec
  • java.security.SecureRandom
  • javax.crypto.Cipher
  • com.nimbusds.jose.JOSEException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.