Java 类java.security.interfaces.ECPublicKey 实例源码
项目:AppCoins-ethereumj
文件:ECKey.java
/**
* Generate a new keypair using the given Java Security Provider.
*
* All private key operations will use the provider.
*/
public ECKey(Provider provider, SecureRandom secureRandom) {
this.provider = provider;
KeyPairGenerator keyPairGen = ECKeyPairGenerator.getInstance(provider, secureRandom);
KeyPair keyPair = keyPairGen.generateKeyPair();
this.privKey = keyPair.getPrivate();
PublicKey pubKey = keyPair.getPublic();
if (pubKey instanceof BCECPublicKey) {
pub = ((BCECPublicKey) pubKey).getQ();
} else if (pubKey instanceof ECPublicKey) {
pub = extractPublicKey((ECPublicKey) pubKey);
} else {
throw new AssertionError("Expected Provider "
+ provider.getName()
+ " to produce a subtype of ECPublicKey, found "
+ pubKey.getClass());
}
}
项目:talchain
文件:ECKey.java
/**
* Generate a new keypair using the given Java Security Provider.
*
* All private key operations will use the provider.
*/
public ECKey(Provider provider, SecureRandom secureRandom) {
this.provider = provider;
final KeyPairGenerator keyPairGen = ECKeyPairGenerator.getInstance(provider, secureRandom);
final KeyPair keyPair = keyPairGen.generateKeyPair();
this.privKey = keyPair.getPrivate();
final PublicKey pubKey = keyPair.getPublic();
if (pubKey instanceof BCECPublicKey) {
pub = ((BCECPublicKey) pubKey).getQ();
} else if (pubKey instanceof ECPublicKey) {
pub = extractPublicKey((ECPublicKey) pubKey);
} else {
throw new AssertionError(
"Expected Provider " + provider.getName() +
" to produce a subtype of ECPublicKey, found " + pubKey.getClass());
}
}
项目:AppCoins-ethereumj
文件:ECKey.java
/**
* Generate a new keypair using the given Java Security Provider.
*
* All private key operations will use the provider.
*/
public ECKey(Provider provider, SecureRandom secureRandom) {
this.provider = provider;
final KeyPairGenerator keyPairGen = ECKeyPairGenerator.getInstance(provider, secureRandom);
final KeyPair keyPair = keyPairGen.generateKeyPair();
this.privKey = keyPair.getPrivate();
final PublicKey pubKey = keyPair.getPublic();
if (pubKey instanceof BCECPublicKey) {
pub = ((BCECPublicKey) pubKey).getQ();
} else if (pubKey instanceof ECPublicKey) {
pub = extractPublicKey((ECPublicKey) pubKey);
} else {
throw new AssertionError(
"Expected Provider " + provider.getName() +
" to produce a subtype of ECPublicKey, found " + pubKey.getClass());
}
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldDecodeECDSA384JOSE() throws Exception {
ECDSAAlgorithm algorithm384 = (ECDSAAlgorithm) Algorithm.ECDSA384((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC"));
//Without padding
byte[] joseSignature = createJOSESignature(48, false, false);
byte[] derSignature = algorithm384.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 48, false, false);
//With R padding
joseSignature = createJOSESignature(48, true, false);
derSignature = algorithm384.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 48, true, false);
//With S padding
joseSignature = createJOSESignature(48, false, true);
derSignature = algorithm384.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 48, false, true);
//With both paddings
joseSignature = createJOSESignature(48, true, true);
derSignature = algorithm384.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 48, true, true);
}
项目:mDL-ILP
文件:ECCUtils.java
/**
* Extract the raw bytes of the public ECC key in standard smart card format.
* @param publicKey the key to extract the bytes of.
* @param curveReference the reference to the standard curve of the key.
* @return the extract bytes of the key.
*/
public static byte[] decodeECCPublicKeyX509(PublicKey publicKey, EllipticCurveParameters curveReference)
{
byte[] publicKeyBytes = {};
if (publicKey instanceof ECPublicKey)
{
final ECPoint w = ((ECPublicKey)publicKey).getW();
final byte[] x = getStandardSizeInteger(w.getAffineX().toByteArray(), curveReference);
final byte[] y = getStandardSizeInteger(w.getAffineY().toByteArray(), curveReference);
publicKeyBytes = Bytes.concatenate(Bytes.bytes("04"), x, y); // Uncompressed format.
}
return publicKeyBytes;
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldThrowOnSignWhenThePrivateKeyIsInvalid() throws Exception {
exception.expect(SignatureGenerationException.class);
exception.expectMessage("The Token's Signature couldn't be generated when signing using the Algorithm: some-algorithm");
exception.expectCause(isA(InvalidKeyException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.createSignatureFor(anyString(), any(PrivateKey.class), any(byte[].class)))
.thenThrow(InvalidKeyException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
algorithm.sign(ES256Header.getBytes(StandardCharsets.UTF_8));
}
项目:GitHub
文件:PubkeyUtils.java
/**
* @param pair KeyPair to convert to an OpenSSH public key
* @return OpenSSH-encoded pubkey
*/
public static byte[] extractOpenSSHPublic(KeyPair pair) {
try {
PublicKey pubKey = pair.getPublic();
if (pubKey instanceof RSAPublicKey) {
return RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey) pubKey);
} else if (pubKey instanceof DSAPublicKey) {
return DSASHA1Verify.encodeSSHDSAPublicKey((DSAPublicKey) pubKey);
} else if (pubKey instanceof ECPublicKey) {
return ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECPublicKey) pubKey);
} else if (pubKey instanceof EdDSAPublicKey) {
return Ed25519Verify.encodeSSHEd25519PublicKey((EdDSAPublicKey) pubKey);
} else {
return null;
}
} catch (IOException e) {
return null;
}
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldDoECDSA512SigningWithProvidedPrivateKey() throws Exception {
ECDSAKeyProvider provider = mock(ECDSAKeyProvider.class);
PrivateKey privateKey = readPrivateKeyFromFile(PRIVATE_KEY_FILE_512, "EC");
PublicKey publicKey = readPublicKeyFromFile(PUBLIC_KEY_FILE_512, "EC");
when(provider.getPrivateKey()).thenReturn((ECPrivateKey) privateKey);
when(provider.getPublicKeyById(null)).thenReturn((ECPublicKey) publicKey);
Algorithm algorithm = Algorithm.ECDSA512(provider);
String jwtContent = String.format("%s.%s", ES512Header, auth0IssPayload);
byte[] contentBytes = jwtContent.getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = algorithm.sign(contentBytes);
String jwtSignature = Base64.encodeBase64URLSafeString(signatureBytes);
String token = String.format("%s.%s", jwtContent, jwtSignature);
assertThat(signatureBytes, is(notNullValue()));
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
项目:openjdk-jdk10
文件:ClientHandshaker.java
private void serverKeyExchange(ECDH_ServerKeyExchange mesg)
throws IOException {
if (debug != null && Debug.isOn("handshake")) {
mesg.print(System.out);
}
ECPublicKey key = mesg.getPublicKey();
ecdh = new ECDHCrypt(key.getParams(), sslContext.getSecureRandom());
ephemeralServerKey = key;
// check constraints of EC PublicKey
if (!algorithmConstraints.permits(
EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), ephemeralServerKey)) {
throw new SSLHandshakeException("ECDH ServerKeyExchange " +
"does not comply to algorithm constraints");
}
}
项目:citizen-sdk-android
文件:CryptoService.java
public static boolean verifyECSignature(String encodededData, String encodedSignedData, String encodedPublicKey) throws CryptoException
{
try {
KeyFactory keyFactory = KeyFactory.getInstance("EC");
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(Base64.decode(encodedPublicKey, Base64.DEFAULT));
ECPublicKey publicKey = (ECPublicKey) keyFactory.generatePublic(publicKeySpec);
Signature verificationFunction = Signature.getInstance(REST_AUTH_SIGNATURE_ALGORITHM);
verificationFunction.initVerify(publicKey);
verificationFunction.update(Base64.decode(encodededData, Base64.DEFAULT));
if (verificationFunction.verify(Base64.decode(encodedSignedData, Base64.DEFAULT))) {
return true;
}
} catch (NoSuchAlgorithmException | InvalidKeySpecException | InvalidKeyException |
SignatureException e)
{
throw new CryptoException("Unable to verify signature: " + e.getMessage());
}
return false;
}
项目:JungleTree
文件:JwtTokenFactory.java
private JWSHeader createServerTokenHeader(ECPublicKey serverPublicKey) {
if (!serverPublicKey.getFormat().equals("X.509")) {
throw new RuntimeException(String.format(
"Server public key is not in X.509 format! Got %s instead",
serverPublicKey.getFormat()
));
}
return new JWSHeader(
JWSAlgorithm.ES384,
null,
null,
null,
null,
null,
URI.create(getServerPublicKeyBase64((ECPublicKey) serverKeyPair.getPublic())),
null,
null,
null,
null,
null,
null
);
}
项目:xitk
文件:AlgorithmUtil.java
public static AlgorithmIdentifier getSigAlgId(PublicKey pubKey, HashAlgoType hashAlgo,
SignatureAlgoControl algoControl) throws NoSuchAlgorithmException {
ParamUtil.requireNonNull("hashAlgo", hashAlgo);
if (pubKey instanceof RSAPublicKey) {
boolean rsaMgf1 = (algoControl == null) ? false : algoControl.isRsaMgf1();
return getRSASigAlgId(hashAlgo, rsaMgf1);
} else if (pubKey instanceof ECPublicKey) {
boolean dsaPlain = (algoControl == null) ? false : algoControl.isDsaPlain();
boolean gm = (algoControl == null) ? false : algoControl.isGm();
return getECSigAlgId(hashAlgo, dsaPlain, gm);
} else if (pubKey instanceof DSAPublicKey) {
return getDSASigAlgId(hashAlgo);
} else {
throw new NoSuchAlgorithmException("Unknown public key '"
+ pubKey.getClass().getName());
}
}
项目:xitk
文件:P11PrivateKey.java
public P11PrivateKey(P11CryptService p11CryptService, P11EntityIdentifier identityId)
throws P11TokenException {
this.p11CryptService = ParamUtil.requireNonNull("identityId", p11CryptService);
this.identityId = ParamUtil.requireNonNull("entityId", identityId);
this.publicKey = p11CryptService.getIdentity(identityId).publicKey();
if (this.publicKey instanceof RSAPublicKey) {
algorithm = "RSA";
keysize = ((RSAPublicKey) publicKey).getModulus().bitLength();
} else if (this.publicKey instanceof DSAPublicKey) {
algorithm = "DSA";
keysize = ((DSAPublicKey) publicKey).getParams().getP().bitLength();
} else if (this.publicKey instanceof ECPublicKey) {
algorithm = "EC";
keysize = ((ECPublicKey) publicKey).getParams().getCurve().getField().getFieldSize();
} else {
throw new P11TokenException("unknown public key: " + publicKey);
}
}
项目:RISE-V2G
文件:SecurityUtils.java
/**
* Returns the ECPublicKey instance from its encoded raw bytes.
* The first byte has the fixed value 0x04 indicating the uncompressed form.
* Therefore, the byte array must be of form: [0x04, x coord of point (32 bytes), y coord of point (32 bytes)]
*
* @param publicKeyBytes The byte array representing the encoded raw bytes of the public key
* @return The ECPublicKey instance
*/
public static ECPublicKey getPublicKey(byte[] publicKeyBytes) {
// First we separate x and y of coordinates into separate variables
byte[] x = new byte[32];
byte[] y = new byte[32];
System.arraycopy(publicKeyBytes, 1, x, 0, 32);
System.arraycopy(publicKeyBytes, 33, y, 0, 32);
try {
KeyFactory kf = KeyFactory.getInstance("EC");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC");
parameters.init(new ECGenParameterSpec("secp256r1"));
ECParameterSpec ecParameterSpec = parameters.getParameterSpec(ECParameterSpec.class);
ECPublicKeySpec ecPublicKeySpec = new ECPublicKeySpec(new ECPoint(new BigInteger(x), new BigInteger(y)), ecParameterSpec);
ECPublicKey ecPublicKey = (ECPublicKey) kf.generatePublic(ecPublicKeySpec);
return ecPublicKey;
} catch (NoSuchAlgorithmException | InvalidParameterSpecException | InvalidKeySpecException e) {
getLogger().error(e.getClass().getSimpleName() + " occurred when trying to get public key from raw bytes", e);
return null;
}
}
项目:RISE-V2G
文件:SecurityUtils.java
/**
* Returns the public key part of an elliptic curve Diffie-Hellman keypair
*
* @param ecdhKeyPair The elliptic curve Diffie-Hellman keypair
* @return The respective public key
*/
public static DiffieHellmanPublickeyType getDHPublicKey(KeyPair ecdhKeyPair) {
DiffieHellmanPublickeyType dhPublicKey = new DiffieHellmanPublickeyType();
/*
* Experience from the test symposium in San Diego (April 2016):
* The Id element of the signature is not restricted in size by the standard itself. But on embedded
* systems, the memory is very limited which is why we should not use long IDs for the signature reference
* element. A good size would be 3 characters max (like the example in the ISO 15118-2 annex J)
*/
dhPublicKey.setId("id1");
byte[] uncompressedDHpublicKey = getUncompressedSubjectPublicKey((ECPublicKey) ecdhKeyPair.getPublic());
getLogger().debug("Created DHpublickey: " + ByteUtils.toHexString(uncompressedDHpublicKey));
dhPublicKey.setValue(uncompressedDHpublicKey);
return dhPublicKey;
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldThrowOnSignWhenTheSignatureIsNotPrepared() throws Exception {
exception.expect(SignatureGenerationException.class);
exception.expectMessage("The Token's Signature couldn't be generated when signing using the Algorithm: some-algorithm");
exception.expectCause(isA(SignatureException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.createSignatureFor(anyString(), any(PrivateKey.class), any(byte[].class)))
.thenThrow(SignatureException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
algorithm.sign(ES256Header.getBytes(StandardCharsets.UTF_8));
}
项目:RISE-V2G
文件:SecurityUtils.java
/**
* Java puts some encoding information into the ECPublicKey.getEncoded().
* This method returns the raw ECPoint (the x and y coordinate of the public key) in uncompressed form
* (with the 0x04 as first octet), aka the Subject Public Key according to RFC 5480
*
* @param ecPublicKey The ECPublicKey provided by Java
* @return The uncompressed Subject Public Key (with the first octet set to 0x04)
*/
public static byte[] getUncompressedSubjectPublicKey(ECPublicKey ecPublicKey) {
byte[] uncompressedPubKey = new byte[65];
uncompressedPubKey[0] = 0x04;
byte[] affineX = ecPublicKey.getW().getAffineX().toByteArray();
byte[] affineY = ecPublicKey.getW().getAffineY().toByteArray();
// If the length is 33 bytes, then the first byte is a 0x00 which is to be omitted
if (affineX.length == 33)
System.arraycopy(affineX, 1, uncompressedPubKey, 1, 32);
else
System.arraycopy(affineX, 0, uncompressedPubKey, 1, 32);
if (affineY.length == 33)
System.arraycopy(affineY, 1, uncompressedPubKey, 33, 32);
else
System.arraycopy(affineY, 0, uncompressedPubKey, 33, 32);
return uncompressedPubKey;
}
项目:lams
文件:Encrypter.java
/**
* Check key encryption parameters for consistency and required values.
*
* @param kekParams the key encryption parameters to check
* @param allowEmpty if false, a null parameter is treated as an error
*
* @throws EncryptionException thrown if any parameters are missing or have invalid values
*/
protected void checkParams(KeyEncryptionParameters kekParams, boolean allowEmpty) throws EncryptionException {
if (kekParams == null) {
if (allowEmpty) {
return;
} else {
log.error("Key encryption parameters are required");
throw new EncryptionException("Key encryption parameters are required");
}
}
Key key = SecurityHelper.extractEncryptionKey(kekParams.getEncryptionCredential());
if (key == null) {
log.error("Key encryption credential and contained key are required");
throw new EncryptionException("Key encryption credential and contained key are required");
} else if (key instanceof DSAPublicKey) {
log.error("Attempt made to use DSA key for encrypted key transport");
throw new EncryptionException("DSA keys may not be used for encrypted key transport");
} else if (key instanceof ECPublicKey) {
log.error("Attempt made to use EC key for encrypted key transport");
throw new EncryptionException("EC keys may not be used for encrypted key transport");
} else if (DatatypeHelper.isEmpty(kekParams.getAlgorithm())) {
log.error("Key encryption algorithm URI is required");
throw new EncryptionException("Key encryption algorithm URI is required");
}
}
项目:OpenJSharp
文件:P11ECDHKeyAgreement.java
protected Key engineDoPhase(Key key, boolean lastPhase)
throws InvalidKeyException, IllegalStateException {
if (privateKey == null) {
throw new IllegalStateException("Not initialized");
}
if (publicValue != null) {
throw new IllegalStateException("Phase already executed");
}
if (lastPhase == false) {
throw new IllegalStateException
("Only two party agreement supported, lastPhase must be true");
}
if (key instanceof ECPublicKey == false) {
throw new InvalidKeyException
("Key must be a PublicKey with algorithm EC");
}
ECPublicKey ecKey = (ECPublicKey)key;
int keyLenBits = ecKey.getParams().getCurve().getField().getFieldSize();
secretLen = (keyLenBits + 7) >> 3;
publicValue = P11ECKeyFactory.getEncodedPublicValue(ecKey);
return null;
}
项目:jdk8u-jdk
文件:P11ECDHKeyAgreement.java
protected Key engineDoPhase(Key key, boolean lastPhase)
throws InvalidKeyException, IllegalStateException {
if (privateKey == null) {
throw new IllegalStateException("Not initialized");
}
if (publicValue != null) {
throw new IllegalStateException("Phase already executed");
}
if (lastPhase == false) {
throw new IllegalStateException
("Only two party agreement supported, lastPhase must be true");
}
if (key instanceof ECPublicKey == false) {
throw new InvalidKeyException
("Key must be a PublicKey with algorithm EC");
}
ECPublicKey ecKey = (ECPublicKey)key;
int keyLenBits = ecKey.getParams().getCurve().getField().getFieldSize();
secretLen = (keyLenBits + 7) >> 3;
publicValue = P11ECKeyFactory.getEncodedPublicValue(ecKey);
return null;
}
项目:javaOIDCMsg
文件:ECDSABouncyCastleProviderTests.java
@Test
public void shouldDecodeECDSA512DER() throws Exception {
ECDSAAlgorithm algorithm512 = (ECDSAAlgorithm) Algorithm.ECDSA512((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_512, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_512, "EC"));
//Without padding
byte[] derSignature = createDERSignature(66, false, false);
byte[] joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, false, false);
//With R padding
derSignature = createDERSignature(66, true, false);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, true, false);
//With S padding
derSignature = createDERSignature(66, false, true);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, false, true);
//With both paddings
derSignature = createDERSignature(66, true, true);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, true, true);
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldDecodeECDSA512DER() throws Exception {
ECDSAAlgorithm algorithm512 = (ECDSAAlgorithm) Algorithm.ECDSA512((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_512, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_512, "EC"));
//Without padding
byte[] derSignature = createDERSignature(66, false, false);
byte[] joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, false, false);
//With R padding
derSignature = createDERSignature(66, true, false);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, true, false);
//With S padding
derSignature = createDERSignature(66, false, true);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, false, true);
//With both paddings
derSignature = createDERSignature(66, true, true);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, true, true);
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldDecodeECDSA256JOSE() throws Exception {
ECDSAAlgorithm algorithm256 = (ECDSAAlgorithm) Algorithm.ECDSA256((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_256, "EC"));
//Without padding
byte[] joseSignature = createJOSESignature(32, false, false);
byte[] derSignature = algorithm256.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 32, false, false);
//With R padding
joseSignature = createJOSESignature(32, true, false);
derSignature = algorithm256.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 32, true, false);
//With S padding
joseSignature = createJOSESignature(32, false, true);
derSignature = algorithm256.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 32, false, true);
//With both paddings
joseSignature = createJOSESignature(32, true, true);
derSignature = algorithm256.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 32, true, true);
}
项目:javaOIDCMsg
文件:ECDSABouncyCastleProviderTests.java
@Test
public void shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withECDSA");
exception.expectCause(isA(SignatureException.class));
exception.expectCause(hasMessage(is("Invalid JOSE signature format.")));
byte[] bytes = new byte[256];
new SecureRandom().nextBytes(bytes);
String signature = Base64.encodeBase64URLSafeString(bytes);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9." + signature;
ECPublicKey publicKey = (ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm("ES256", "SHA256withECDSA", 128, provider);
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
项目:javaOIDCMsg
文件:ECDSABouncyCastleProviderTests.java
@Test
public void shouldThrowOnVerifyWhenThePublicKeyIsInvalid() throws Exception {
exception.expect(AlgorithmMismatchException.class);
exception.expectMessage("The provided Algorithm doesn't match the one defined in the JWT's Header.");
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(InvalidKeyException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9.4iVk3-Y0v4RT4_9IaQlp-8dZ_4fsTzIylgrPTDLrEvTHBTyVS3tgPbr2_IZfLETtiKRqCg0aQ5sh9eIsTTwB1g";
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
项目:javaOIDCMsg
文件:ECDSABouncyCastleProviderTests.java
@Test
public void shouldDoECDSA384SigningWithProvidedPrivateKey() throws Exception {
ECDSAKeyProvider provider = mock(ECDSAKeyProvider.class);
PrivateKey privateKey = readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC");
PublicKey publicKey = readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC");
when(provider.getPrivateKey()).thenReturn((ECPrivateKey) privateKey);
when(provider.getPublicKeyById(null)).thenReturn((ECPublicKey) publicKey);
Algorithm algorithm = Algorithm.ECDSA384(provider);
String jwtContent = String.format("%s.%s", ES384Header, auth0IssPayload);
byte[] contentBytes = jwtContent.getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = algorithm.sign(contentBytes);
String jwtSignature = Base64.encodeBase64URLSafeString(signatureBytes);
String token = String.format("%s.%s", jwtContent, jwtSignature);
assertThat(signatureBytes, is(notNullValue()));
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
项目:javaOIDCMsg
文件:ECDSABouncyCastleProviderTests.java
@Test
public void shouldThrowOnSignWhenThePrivateKeyIsInvalid() throws Exception {
exception.expect(SignatureGenerationException.class);
exception.expectMessage("The Token's Signature couldn't be generated when signing using the Algorithm: some-algorithm");
exception.expectCause(isA(InvalidKeyException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.createSignatureFor(anyString(), any(PrivateKey.class), any(byte[].class)))
.thenThrow(InvalidKeyException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
algorithm.sign(ES256Header.getBytes(StandardCharsets.UTF_8));
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldDecodeECDSA384DER() throws Exception {
ECDSAAlgorithm algorithm384 = (ECDSAAlgorithm) Algorithm.ECDSA384((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC"));
//Without padding
byte[] derSignature = createDERSignature(48, false, false);
byte[] joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, false, false);
//With R padding
derSignature = createDERSignature(48, true, false);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, true, false);
//With S padding
derSignature = createDERSignature(48, false, true);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, false, true);
//With both paddings
derSignature = createDERSignature(48, true, true);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, true, true);
}
项目:openjdk-jdk10
文件:P11ECDHKeyAgreement.java
protected Key engineDoPhase(Key key, boolean lastPhase)
throws InvalidKeyException, IllegalStateException {
if (privateKey == null) {
throw new IllegalStateException("Not initialized");
}
if (publicValue != null) {
throw new IllegalStateException("Phase already executed");
}
if (lastPhase == false) {
throw new IllegalStateException
("Only two party agreement supported, lastPhase must be true");
}
if (key instanceof ECPublicKey == false) {
throw new InvalidKeyException
("Key must be a PublicKey with algorithm EC");
}
ECPublicKey ecKey = (ECPublicKey)key;
int keyLenBits = ecKey.getParams().getCurve().getField().getFieldSize();
secretLen = (keyLenBits + 7) >> 3;
publicValue = P11ECKeyFactory.getEncodedPublicValue(ecKey);
return null;
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldDecodeECDSA256DER() throws Exception {
ECDSAAlgorithm algorithm256 = (ECDSAAlgorithm) Algorithm.ECDSA256((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_256, "EC"));
//Without padding
byte[] derSignature = createDERSignature(32, false, false);
byte[] joseSignature = algorithm256.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 32, false, false);
//With R padding
derSignature = createDERSignature(32, true, false);
joseSignature = algorithm256.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 32, true, false);
//With S padding
derSignature = createDERSignature(32, false, true);
joseSignature = algorithm256.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 32, false, true);
//With both paddings
derSignature = createDERSignature(32, true, true);
joseSignature = algorithm256.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 32, true, true);
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldSignAndVerifyWithECDSA384() throws Exception {
ECDSAAlgorithm algorithm384 = (ECDSAAlgorithm) Algorithm.ECDSA384((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC"));
String content384 = "eyJhbGciOiJFUzM4NCJ9.eyJpc3MiOiJhdXRoMCJ9";
for (int i = 0; i < 10; i++) {
byte[] signature = algorithm384.sign(content384.getBytes());
String signature384 = Base64.encodeBase64URLSafeString((signature));
String token = content384 + "." + signature384;
JWT jwt = JWT.require(algorithm384).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm384.verify(decoded, EncodeType.Base64);
}
}
项目:javaOIDCMsg
文件:ECDSABouncyCastleProviderTests.java
@Test
public void shouldDecodeECDSA256DER() throws Exception {
ECDSAAlgorithm algorithm256 = (ECDSAAlgorithm) Algorithm.ECDSA256((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_256, "EC"));
//Without padding
byte[] derSignature = createDERSignature(32, false, false);
byte[] joseSignature = algorithm256.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 32, false, false);
//With R padding
derSignature = createDERSignature(32, true, false);
joseSignature = algorithm256.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 32, true, false);
//With S padding
derSignature = createDERSignature(32, false, true);
joseSignature = algorithm256.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 32, false, true);
//With both paddings
derSignature = createDERSignature(32, true, true);
joseSignature = algorithm256.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 32, true, true);
}
项目:javaOIDCMsg
文件:ECDSABouncyCastleProviderTests.java
@Test
public void shouldDecodeECDSA384JOSE() throws Exception {
ECDSAAlgorithm algorithm384 = (ECDSAAlgorithm) Algorithm.ECDSA384((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC"));
//Without padding
byte[] joseSignature = createJOSESignature(48, false, false);
byte[] derSignature = algorithm384.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 48, false, false);
//With R padding
joseSignature = createJOSESignature(48, true, false);
derSignature = algorithm384.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 48, true, false);
//With S padding
joseSignature = createJOSESignature(48, false, true);
derSignature = algorithm384.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 48, false, true);
//With both paddings
joseSignature = createJOSESignature(48, true, true);
derSignature = algorithm384.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 48, true, true);
}
项目:javaOIDCMsg
文件:ECDSABouncyCastleProviderTests.java
@Test
public void shouldDecodeECDSA384DER() throws Exception {
ECDSAAlgorithm algorithm384 = (ECDSAAlgorithm) Algorithm.ECDSA384((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC"));
//Without padding
byte[] derSignature = createDERSignature(48, false, false);
byte[] joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, false, false);
//With R padding
derSignature = createDERSignature(48, true, false);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, true, false);
//With S padding
derSignature = createDERSignature(48, false, true);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, false, true);
//With both paddings
derSignature = createDERSignature(48, true, true);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, true, true);
}
项目:GitHub
文件:PubkeyUtilsTest.java
@Test
public void recoverKeyPair_Ec() throws Exception {
KeyPair kp = PubkeyUtils.recoverKeyPair(EC_KEY_PKCS8);
ECPublicKey pubKey = (ECPublicKey) kp.getPublic();
assertEquals(EC_KEY_pub_x, pubKey.getW().getAffineX());
assertEquals(EC_KEY_pub_y, pubKey.getW().getAffineY());
}
项目:toshi-headless-client
文件:ECKey.java
private static ECPoint extractPublicKey(final ECPublicKey ecPublicKey) {
final java.security.spec.ECPoint publicPointW = ecPublicKey.getW();
final BigInteger xCoord = publicPointW.getAffineX();
final BigInteger yCoord = publicPointW.getAffineY();
return CURVE.getCurve().createPoint(xCoord, yCoord);
}
项目:javaOIDCMsg
文件:ECDSAAlgorithmTest.java
@Test
public void shouldPassECDSA512VerificationWithJOSESignatureWithBothKeys() throws Exception {
String token = "eyJhbGciOiJFUzUxMiJ9.eyJpc3MiOiJhdXRoMCJ9.AeCJPDIsSHhwRSGZCY6rspi8zekOw0K9qYMNridP1Fu9uhrA1QrG-EUxXlE06yvmh2R7Rz0aE7kxBwrnq8L8aOBCAYAsqhzPeUvyp8fXjjgs0Eto5I0mndE2QHlgcMSFASyjHbU8wD2Rq7ZNzGQ5b2MZfpv030WGUajT-aZYWFUJHVg2";
Algorithm algorithm = Algorithm.ECDSA512((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_512, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_512, "EC"));
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
项目:ipack
文件:BCDSTU4145PublicKey.java
public BCDSTU4145PublicKey(
ECPublicKey key)
{
this.algorithm = key.getAlgorithm();
this.ecSpec = key.getParams();
this.q = EC5Util.convertPoint(this.ecSpec, key.getW(), false);
}
项目:ipack
文件:BCECPublicKey.java
public BCECPublicKey(
ECPublicKey key,
ProviderConfiguration configuration)
{
this.algorithm = key.getAlgorithm();
this.ecSpec = key.getParams();
this.q = EC5Util.convertPoint(this.ecSpec, key.getW(), false);
}
项目:talchain
文件:ECKey.java
private static ECPoint extractPublicKey(final ECPublicKey ecPublicKey) {
final java.security.spec.ECPoint publicPointW = ecPublicKey.getW();
final BigInteger xCoord = publicPointW.getAffineX();
final BigInteger yCoord = publicPointW.getAffineY();
return CURVE.getCurve().createPoint(xCoord, yCoord);
}