java.security.interfaces.RSAKey Java Examples

The following examples show how to use java.security.interfaces.RSAKey. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SpecTest.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 *
 * @param kpair test key pair
 * @param pubExponent expected public exponent.
 * @return true if test passed. false if test failed.
 */
private static boolean specTest(KeyPair kpair, BigInteger pubExponent) {
    boolean passed = true;
    RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
    RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();

    // test the getModulus method
    if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
        if (!priv.getModulus().equals(pub.getModulus())) {
            System.err.println("priv.getModulus() = " + priv.getModulus());
            System.err.println("pub.getModulus() = " + pub.getModulus());
            passed = false;
        }

        if (!pubExponent.equals(pub.getPublicExponent())) {
            System.err.println("pubExponent = " + pubExponent);
            System.err.println("pub.getPublicExponent() = "
                    + pub.getPublicExponent());
            passed = false;
        }
    }
    return passed;
}
 
Example #2
Source File: KeyPairUtil.java    From MaxKey with Apache License 2.0 6 votes vote down vote up
/**
 * Get the key size of a public key.
 * 
 * @param pubKey The public key
 * @return The key size, {@link #UNKNOWN_KEY_SIZE} if not known
 */
public static int getKeyLength(PublicKey pubKey)
{
	if (pubKey instanceof RSAKey)
	{
		return ((RSAKey) pubKey).getModulus().bitLength();
	}
	else if (pubKey instanceof DSAKey)
	{
		return ((DSAKey) pubKey).getParams().getP().bitLength();
	}
	else if (pubKey instanceof DHKey)
	{
		return ((DHKey) pubKey).getParams().getP().bitLength();
	}
	else if (pubKey instanceof ECKey)
	{
		// TODO: how to get key size from these?
		return UNKNOWN_KEY_SIZE;
	}

	_logger.warn("Don't know how to get key size from key " + pubKey);
	return UNKNOWN_KEY_SIZE;
}
 
Example #3
Source File: SpecTest.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 *
 * @param kpair test key pair
 * @param pubExponent expected public exponent.
 * @return true if test passed. false if test failed.
 */
private static boolean specTest(KeyPair kpair, BigInteger pubExponent) {
    boolean passed = true;
    RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
    RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();

    // test the getModulus method
    if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
        if (!priv.getModulus().equals(pub.getModulus())) {
            System.out.println("priv.getModulus() = " + priv.getModulus());
            System.out.println("pub.getModulus() = " + pub.getModulus());
            passed = false;
        }

        if (!pubExponent.equals(pub.getPublicExponent())) {
            System.out.println("pubExponent = " + pubExponent);
            System.out.println("pub.getPublicExponent() = "
                    + pub.getPublicExponent());
            passed = false;
        }
    }
    return passed;
}
 
Example #4
Source File: SpecTest.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
/**
 *
 * @param kpair test key pair
 * @param pubExponent expected public exponent.
 * @return true if test passed. false if test failed.
 */
private static boolean specTest(KeyPair kpair, BigInteger pubExponent) {
    boolean passed = true;
    RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
    RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();

    // test the getModulus method
    if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
        if (!priv.getModulus().equals(pub.getModulus())) {
            System.out.println("priv.getModulus() = " + priv.getModulus());
            System.out.println("pub.getModulus() = " + pub.getModulus());
            passed = false;
        }

        if (!pubExponent.equals(pub.getPublicExponent())) {
            System.out.println("pubExponent = " + pubExponent);
            System.out.println("pub.getPublicExponent() = "
                    + pub.getPublicExponent());
            passed = false;
        }
    }
    return passed;
}
 
Example #5
Source File: SpecTest.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 *
 * @param kpair test key pair
 * @param pubExponent expected public exponent.
 * @return true if test passed. false if test failed.
 */
private static boolean specTest(KeyPair kpair, BigInteger pubExponent) {
    boolean passed = true;
    RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
    RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();

    // test the getModulus method
    if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
        if (!priv.getModulus().equals(pub.getModulus())) {
            System.out.println("priv.getModulus() = " + priv.getModulus());
            System.out.println("pub.getModulus() = " + pub.getModulus());
            passed = false;
        }

        if (!pubExponent.equals(pub.getPublicExponent())) {
            System.out.println("pubExponent = " + pubExponent);
            System.out.println("pub.getPublicExponent() = "
                    + pub.getPublicExponent());
            passed = false;
        }
    }
    return passed;
}
 
Example #6
Source File: SpecTest.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 *
 * @param kpair test key pair
 * @param pubExponent expected public exponent.
 * @return true if test passed. false if test failed.
 */
private static boolean specTest(KeyPair kpair, BigInteger pubExponent) {
    boolean passed = true;
    RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
    RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();

    // test the getModulus method
    if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
        if (!priv.getModulus().equals(pub.getModulus())) {
            System.out.println("priv.getModulus() = " + priv.getModulus());
            System.out.println("pub.getModulus() = " + pub.getModulus());
            passed = false;
        }

        if (!pubExponent.equals(pub.getPublicExponent())) {
            System.out.println("pubExponent = " + pubExponent);
            System.out.println("pub.getPublicExponent() = "
                    + pub.getPublicExponent());
            passed = false;
        }
    }
    return passed;
}
 
Example #7
Source File: SpecTest.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 *
 * @param kpair test key pair
 * @param pubExponent expected public exponent.
 * @return true if test passed. false if test failed.
 */
private static boolean specTest(KeyPair kpair, BigInteger pubExponent) {
    boolean passed = true;
    RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
    RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();

    // test the getModulus method
    if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
        if (!priv.getModulus().equals(pub.getModulus())) {
            System.err.println("priv.getModulus() = " + priv.getModulus());
            System.err.println("pub.getModulus() = " + pub.getModulus());
            passed = false;
        }

        if (!pubExponent.equals(pub.getPublicExponent())) {
            System.err.println("pubExponent = " + pubExponent);
            System.err.println("pub.getPublicExponent() = "
                    + pub.getPublicExponent());
            passed = false;
        }
    }
    return passed;
}
 
Example #8
Source File: SpecTest.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 *
 * @param kpair test key pair
 * @param pubExponent expected public exponent.
 * @return true if test passed. false if test failed.
 */
private static boolean specTest(KeyPair kpair, BigInteger pubExponent) {
    boolean passed = true;
    RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
    RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();

    // test the getModulus method
    if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
        if (!priv.getModulus().equals(pub.getModulus())) {
            System.out.println("priv.getModulus() = " + priv.getModulus());
            System.out.println("pub.getModulus() = " + pub.getModulus());
            passed = false;
        }

        if (!pubExponent.equals(pub.getPublicExponent())) {
            System.out.println("pubExponent = " + pubExponent);
            System.out.println("pub.getPublicExponent() = "
                    + pub.getPublicExponent());
            passed = false;
        }
    }
    return passed;
}
 
Example #9
Source File: KeyPairUtil.java    From portecle with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Get the key size of a public key.
 *
 * @param pubKey The public key
 * @return The key size, {@link #UNKNOWN_KEY_SIZE} if not known
 */
public static int getKeyLength(PublicKey pubKey)
{
	if (pubKey instanceof RSAKey)
	{
		return ((RSAKey) pubKey).getModulus().bitLength();
	}
	else if (pubKey instanceof DSAKey)
	{
		return ((DSAKey) pubKey).getParams().getP().bitLength();
	}
	else if (pubKey instanceof DHKey)
	{
		return ((DHKey) pubKey).getParams().getP().bitLength();
	}
	else if (pubKey instanceof ECKey)
	{
		// TODO: how to get key size from these?
		return UNKNOWN_KEY_SIZE;
	}

	LOG.warning("Don't know how to get key size from key " + pubKey);
	return UNKNOWN_KEY_SIZE;
}
 
Example #10
Source File: JWTTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldAcceptRSA256Algorithm() throws Exception {
    String token = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.dxXF3MdsyW-AuvwJpaQtrZ33fAde9xWxpLIg9cO2tMLH2GSRNuLAe61KsJusZhqZB9Iy7DvflcmRz-9OZndm6cj_ThGeJH2LLc90K83UEvvRPo8l85RrQb8PcanxCgIs2RcZOLygERizB3pr5icGkzR7R2y6zgNCjKJ5_NJ6EiZsGN6_nc2PRK_DbyY-Wn0QDxIxKoA5YgQJ9qafe7IN980pXvQv2Z62c3XR8dYuaXBqhthBj-AbaFHEpZapN-V-TmuLNzR2MCB6Xr7BYMuCaqWf_XU8og4XNe8f_8w9Wv5vvgqMM1KhqVpG5VdMJv4o_L4NoCROHhtUQSLRh2M9cA";
    RSAKey key = (RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA");
    DecodedJWT jwt = JWT.require(Algorithm.RSA256(key))
            .build()
            .verify(token);

    assertThat(jwt, is(notNullValue()));
}
 
Example #11
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldFailOnRSA384SigningWhenUsingPublicKey() throws Exception {
    exception.expect(SignatureGenerationException.class);
    exception.expectMessage("The Token's Signature couldn't be generated when signing using the Algorithm: SHA384withRSA");
    exception.expectCause(isA(IllegalStateException.class));
    exception.expectCause(hasMessage(is("The given Private Key is null.")));

    Algorithm algorithm = Algorithm.RSA384((RSAKey) readPublicKeyFromFile(PUBLIC_KEY_FILE, "RSA"));
    algorithm.sign(new byte[0], new byte[0]);
}
 
Example #12
Source File: ConcurrentVerifyTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldPassRSA384Verification() throws Exception {
    String token = "eyJhbGciOiJSUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.TZlWjXObwGSQOiu2oMq8kiKz0_BR7bbBddNL6G8eZ_GoR82BXOZDqNrQr7lb_M-78XGBguWLWNIdYhzgxOUL9EoCJlrqVm9s9vo6G8T1sj1op-4TbjXZ61TwIvrJee9BvPLdKUJ9_fp1Js5kl6yXkst40Th8Auc5as4n49MLkipjpEhKDKaENKHpSubs1ripSz8SCQZSofeTM_EWVwSw7cpiM8Fy8jOPvWG8Xz4-e3ODFowvHVsDcONX_4FTMNbeRqDuHq2ZhCJnEfzcSJdrve_5VD5fM1LperBVslTrOxIgClOJ3RmM7-WnaizJrWP3D6Z9OLxPxLhM6-jx6tcxEw";
    Algorithm algorithm = Algorithm.RSA384((RSAKey) readPublicKeyFromFile(PUBLIC_KEY_FILE, "RSA"));
    JWTVerifier verifier = JWTVerifier.init(algorithm).withIssuer("auth0").build();

    concurrentVerify(verifier, token);
}
 
Example #13
Source File: ConcurrentVerifyTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldPassRSA256Verification() throws Exception {
    String token = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.dxXF3MdsyW-AuvwJpaQtrZ33fAde9xWxpLIg9cO2tMLH2GSRNuLAe61KsJusZhqZB9Iy7DvflcmRz-9OZndm6cj_ThGeJH2LLc90K83UEvvRPo8l85RrQb8PcanxCgIs2RcZOLygERizB3pr5icGkzR7R2y6zgNCjKJ5_NJ6EiZsGN6_nc2PRK_DbyY-Wn0QDxIxKoA5YgQJ9qafe7IN980pXvQv2Z62c3XR8dYuaXBqhthBj-AbaFHEpZapN-V-TmuLNzR2MCB6Xr7BYMuCaqWf_XU8og4XNe8f_8w9Wv5vvgqMM1KhqVpG5VdMJv4o_L4NoCROHhtUQSLRh2M9cA";
    Algorithm algorithm = Algorithm.RSA256((RSAKey) readPublicKeyFromFile(PUBLIC_KEY_FILE, "RSA"));
    JWTVerifier verifier = JWTVerifier.init(algorithm).withIssuer("auth0").build();

    concurrentVerify(verifier, token);
}
 
Example #14
Source File: JWTTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldCreateAnEmptyRSA512SignedToken() throws Exception {
    String signed = JWT.create().sign(Algorithm.RSA512((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA")));
    assertThat(signed, is(notNullValue()));

    String[] parts = signed.split("\\.");
    String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
    assertThat(headerJson, JsonMatcher.hasEntry("alg", "RS512"));
    assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT"));
    assertThat(parts[1], is("e30"));

    JWTVerifier verified = JWT.require(Algorithm.RSA512((RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA")))
            .build();
    assertThat(verified, is(notNullValue()));
}
 
Example #15
Source File: JWTTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldCreateAnEmptyRSA384SignedToken() throws Exception {
    String signed = JWT.create().sign(Algorithm.RSA384((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA")));
    assertThat(signed, is(notNullValue()));

    String[] parts = signed.split("\\.");
    String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
    assertThat(headerJson, JsonMatcher.hasEntry("alg", "RS384"));
    assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT"));
    assertThat(parts[1], is("e30"));

    JWTVerifier verified = JWT.require(Algorithm.RSA384((RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA")))
            .build();
    assertThat(verified, is(notNullValue()));
}
 
Example #16
Source File: JWTTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldCreateAnEmptyRSA256SignedToken() throws Exception {
    String signed = JWT.create().sign(Algorithm.RSA256((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA")));
    assertThat(signed, is(notNullValue()));

    String[] parts = signed.split("\\.");
    String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
    assertThat(headerJson, JsonMatcher.hasEntry("alg", "RS256"));
    assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT"));
    assertThat(parts[1], is("e30"));

    JWTVerifier verified = JWT.require(Algorithm.RSA256((RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA")))
            .build();
    assertThat(verified, is(notNullValue()));
}
 
Example #17
Source File: JWTTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldAcceptRSA512Algorithm() throws Exception {
    String token = "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.mvL5LoMyIrWYjk5umEXZTmbyIrkbbcVPUkvdGZbu0qFBxGOf0nXP5PZBvPcOu084lvpwVox5n3VaD4iqzW-PsJyvKFgi5TnwmsbKchAp7JexQEsQOnTSGcfRqeUUiBZqRQdYsho71oAB3T4FnalDdFEpM-fztcZY9XqKyayqZLreTeBjqJm4jfOWH7KfGBHgZExQhe96NLq1UA9eUyQwdOA1Z0SgXe4Ja5PxZ6Fm37KnVDtDlNnY4JAAGFo6y74aGNnp_BKgpaVJCGFu1f1S5xCQ1HSvs8ZSdVWs5NgawW3wRd0kRt_GJ_Y3mIwiF4qUyHWGtsSHu_qjVdCTtbFyow";
    RSAKey key = (RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA");
    DecodedJWT jwt = JWT.require(Algorithm.RSA512(key))
            .build()
            .verify(token);

    assertThat(jwt, is(notNullValue()));
}
 
Example #18
Source File: JWTTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldAcceptRSA384Algorithm() throws Exception {
    String token = "eyJhbGciOiJSUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.TZlWjXObwGSQOiu2oMq8kiKz0_BR7bbBddNL6G8eZ_GoR82BXOZDqNrQr7lb_M-78XGBguWLWNIdYhzgxOUL9EoCJlrqVm9s9vo6G8T1sj1op-4TbjXZ61TwIvrJee9BvPLdKUJ9_fp1Js5kl6yXkst40Th8Auc5as4n49MLkipjpEhKDKaENKHpSubs1ripSz8SCQZSofeTM_EWVwSw7cpiM8Fy8jOPvWG8Xz4-e3ODFowvHVsDcONX_4FTMNbeRqDuHq2ZhCJnEfzcSJdrve_5VD5fM1LperBVslTrOxIgClOJ3RmM7-WnaizJrWP3D6Z9OLxPxLhM6-jx6tcxEw";
    RSAKey key = (RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA");
    DecodedJWT jwt = JWT.require(Algorithm.RSA384(key))
            .build()
            .verify(token);

    assertThat(jwt, is(notNullValue()));
}
 
Example #19
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldDoRSA384Signing() throws Exception {
    Algorithm algorithmSign = Algorithm.RSA384((RSAKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE, "RSA"));
    Algorithm algorithmVerify = Algorithm.RSA384((RSAKey) readPublicKeyFromFile(PUBLIC_KEY_FILE, "RSA"));

    String jwt = asJWT(algorithmSign, RS384Header, auth0IssPayload);
    String expectedSignature = "Jx1PaTBnjd_U56MNjifFcY7w9ImDbseg0y8Ijr2pSiA1_wzQb_wy9undaWfzR5YqdIAXvjS8AGuZUAzIoTG4KMgOgdVyYDz3l2jzj6wI-lgqfR5hTy1w1ruMUQ4_wobpdxAiJ4fEbg8Mi_GljOiCO-P1HilxKnpiOJZidR8MQGwTInsf71tOUkK4x5UsdmUueuZbaU-CL5kPnRfXmJj9CcdxZbD9oMlbo23dwkP5BNMrS2LwGGzc9C_-ypxrBIOVilG3WZxcSmuG86LjcZbnL6LBEfph5NmKBgQav147uipb_7umBEr1m2dYiB_9u606n3bcoo3rnsYYK_Xfi1GAEQ";

    assertSignaturePresent(jwt);
    assertSignatureValue(jwt, expectedSignature);
    algorithmVerify.verify(JWT.decode(jwt));
}
 
Example #20
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldFailOnRSA256SigningWhenUsingPublicKey() throws Exception {
    exception.expect(SignatureGenerationException.class);
    exception.expectMessage("The Token's Signature couldn't be generated when signing using the Algorithm: SHA256withRSA");
    exception.expectCause(isA(IllegalStateException.class));
    exception.expectCause(hasMessage(is("The given Private Key is null.")));

    Algorithm algorithm = Algorithm.RSA256((RSAKey) readPublicKeyFromFile(PUBLIC_KEY_FILE, "RSA"));
    algorithm.sign(new byte[0], new byte[0]);
}
 
Example #21
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldFailRSA512VerificationWhenUsingPrivateKey() throws Exception {
    exception.expect(SignatureVerificationException.class);
    exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA512withRSA");
    exception.expectCause(isA(IllegalStateException.class));
    exception.expectCause(hasMessage(is("The given Public Key is null.")));
    String jwt = "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.mvL5LoMyIrWYjk5umEXZTmbyIrkbbcVPUkvdGZbu0qFBxGOf0nXP5PZBvPcOu084lvpwVox5n3VaD4iqzW-PsJyvKFgi5TnwmsbKchAp7JexQEsQOnTSGcfRqeUUiBZqRQdYsho71oAB3T4FnalDdFEpM-fztcZY9XqKyayqZLreTeBjqJm4jfOWH7KfGBHgZExQhe96NLq1UA9eUyQwdOA1Z0SgXe4Ja5PxZ6Fm37KnVDtDlNnY4JAAGFo6y74aGNnp_BKgpaVJCGFu1f1S5xCQ1HSvs8ZSdVWs5NgawW3wRd0kRt_GJ_Y3mIwiF4qUyHWGtsSHu_qjVdCTtbFyow";
    Algorithm algorithm = Algorithm.RSA512((RSAKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE, "RSA"));
    algorithm.verify(JWT.decode(jwt));
}
 
Example #22
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldFailRSA512VerificationWithInvalidPublicKey() throws Exception {
    exception.expect(SignatureVerificationException.class);
    exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA512withRSA");
    String jwt = "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.mvL5LoMyIrWYjk5umEXZTmbyIrkbbcVPUkvdGZbu0qFBxGOf0nXP5PZBvPcOu084lvpwVox5n3VaD4iqzW-PsJyvKFgi5TnwmsbKchAp7JexQEsQOnTSGcfRqeUUiBZqRQdYsho71oAB3T4FnalDdFEpM-fztcZY9XqKyayqZLreTeBjqJm4jfOWH7KfGBHgZExQhe96NLq1UA9eUyQwdOA1Z0SgXe4Ja5PxZ6Fm37KnVDtDlNnY4JAAGFo6y74aGNnp_BKgpaVJCGFu1f1S5xCQ1HSvs8ZSdVWs5NgawW3wRd0kRt_GJ_Y3mIwiF4qUyHWGtsSHu_qjVdCTtbFyow";
    Algorithm algorithm = Algorithm.RSA512((RSAKey) readPublicKeyFromFile(INVALID_PUBLIC_KEY_FILE, "RSA"));
    algorithm.verify(JWT.decode(jwt));
}
 
Example #23
Source File: ConcurrentVerifyTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldPassRSA512Verification() throws Exception {
    String token = "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.mvL5LoMyIrWYjk5umEXZTmbyIrkbbcVPUkvdGZbu0qFBxGOf0nXP5PZBvPcOu084lvpwVox5n3VaD4iqzW-PsJyvKFgi5TnwmsbKchAp7JexQEsQOnTSGcfRqeUUiBZqRQdYsho71oAB3T4FnalDdFEpM-fztcZY9XqKyayqZLreTeBjqJm4jfOWH7KfGBHgZExQhe96NLq1UA9eUyQwdOA1Z0SgXe4Ja5PxZ6Fm37KnVDtDlNnY4JAAGFo6y74aGNnp_BKgpaVJCGFu1f1S5xCQ1HSvs8ZSdVWs5NgawW3wRd0kRt_GJ_Y3mIwiF4qUyHWGtsSHu_qjVdCTtbFyow";
    Algorithm algorithm = Algorithm.RSA512((RSAKey) readPublicKeyFromFile(PUBLIC_KEY_FILE, "RSA"));
    JWTVerifier verifier = JWTVerifier.init(algorithm).withIssuer("auth0").build();

    concurrentVerify(verifier, token);
}
 
Example #24
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldFailRSA384VerificationWhenUsingPrivateKey() throws Exception {
    exception.expect(SignatureVerificationException.class);
    exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA384withRSA");
    exception.expectCause(isA(IllegalStateException.class));
    exception.expectCause(hasMessage(is("The given Public Key is null.")));
    String jwt = "eyJhbGciOiJSUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.TZlWjXObwGSQOiu2oMq8kiKz0_BR7bbBddNL6G8eZ_GoR82BXOZDqNrQr7lb_M-78XGBguWLWNIdYhzgxOUL9EoCJlrqVm9s9vo6G8T1sj1op-4TbjXZ61TwIvrJee9BvPLdKUJ9_fp1Js5kl6yXkst40Th8Auc5as4n49MLkipjpEhKDKaENKHpSubs1ripSz8SCQZSofeTM_EWVwSw7cpiM8Fy8jOPvWG8Xz4-e3ODFowvHVsDcONX_4FTMNbeRqDuHq2ZhCJnEfzcSJdrve_5VD5fM1LperBVslTrOxIgClOJ3RmM7-WnaizJrWP3D6Z9OLxPxLhM6-jx6tcxEw";
    Algorithm algorithm = Algorithm.RSA384((RSAKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE, "RSA"));
    algorithm.verify(JWT.decode(jwt));
}
 
Example #25
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldFailRSA384VerificationWithInvalidPublicKey() throws Exception {
    exception.expect(SignatureVerificationException.class);
    exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA384withRSA");
    String jwt = "eyJhbGciOiJSUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.TZlWjXObwGSQOiu2oMq8kiKz0_BR7bbBddNL6G8eZ_GoR82BXOZDqNrQr7lb_M-78XGBguWLWNIdYhzgxOUL9EoCJlrqVm9s9vo6G8T1sj1op-4TbjXZ61TwIvrJee9BvPLdKUJ9_fp1Js5kl6yXkst40Th8Auc5as4n49MLkipjpEhKDKaENKHpSubs1ripSz8SCQZSofeTM_EWVwSw7cpiM8Fy8jOPvWG8Xz4-e3ODFowvHVsDcONX_4FTMNbeRqDuHq2ZhCJnEfzcSJdrve_5VD5fM1LperBVslTrOxIgClOJ3RmM7-WnaizJrWP3D6Z9OLxPxLhM6-jx6tcxEw";
    Algorithm algorithm = Algorithm.RSA384((RSAKey) readPublicKeyFromFile(INVALID_PUBLIC_KEY_FILE, "RSA"));
    algorithm.verify(JWT.decode(jwt));
}
 
Example #26
Source File: RsaSigner.java    From jjwt with Apache License 2.0 5 votes vote down vote up
public RsaSigner(SignatureAlgorithm alg, Key key) {
    super(alg, key);
    // https://github.com/jwtk/jjwt/issues/68
    // Instead of checking for an instance of RSAPrivateKey, check for PrivateKey and RSAKey:
    if (!(key instanceof PrivateKey && key instanceof RSAKey)) {
        String msg = "RSA signatures must be computed using an RSA PrivateKey.  The specified key of type " +
                     key.getClass().getName() + " is not an RSA PrivateKey.";
        throw new IllegalArgumentException(msg);
    }
}
 
Example #27
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldFailRSA256VerificationWhenUsingPrivateKey() throws Exception {
    exception.expect(SignatureVerificationException.class);
    exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withRSA");
    exception.expectCause(isA(IllegalStateException.class));
    exception.expectCause(hasMessage(is("The given Public Key is null.")));
    String jwt = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.dxXF3MdsyW-AuvwJpaQtrZ33fAde9xWxpLIg9cO2tMLH2GSRNuLAe61KsJusZhqZB9Iy7DvflcmRz-9OZndm6cj_ThGeJH2LLc90K83UEvvRPo8l85RrQb8PcanxCgIs2RcZOLygERizB3pr5icGkzR7R2y6zgNCjKJ5_NJ6EiZsGN6_nc2PRK_DbyY-Wn0QDxIxKoA5YgQJ9qafe7IN980pXvQv2Z62c3XR8dYuaXBqhthBj-AbaFHEpZapN-V-TmuLNzR2MCB6Xr7BYMuCaqWf_XU8og4XNe8f_8w9Wv5vvgqMM1KhqVpG5VdMJv4o_L4NoCROHhtUQSLRh2M9cA";
    Algorithm algorithm = Algorithm.RSA256((RSAKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE, "RSA"));
    algorithm.verify(JWT.decode(jwt));
}
 
Example #28
Source File: RSAAlgorithmTest.java    From java-jwt with MIT License 5 votes vote down vote up
@Test
public void shouldFailRSA256VerificationWithInvalidPublicKey() throws Exception {
    exception.expect(SignatureVerificationException.class);
    exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withRSA");
    String jwt = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.dxXF3MdsyW-AuvwJpaQtrZ33fAde9xWxpLIg9cO2tMLH2GSRNuLAe61KsJusZhqZB9Iy7DvflcmRz-9OZndm6cj_ThGeJH2LLc90K83UEvvRPo8l85RrQb8PcanxCgIs2RcZOLygERizB3pr5icGkzR7R2y6zgNCjKJ5_NJ6EiZsGN6_nc2PRK_DbyY-Wn0QDxIxKoA5YgQJ9qafe7IN980pXvQv2Z62c3XR8dYuaXBqhthBj-AbaFHEpZapN-V-TmuLNzR2MCB6Xr7BYMuCaqWf_XU8og4XNe8f_8w9Wv5vvgqMM1KhqVpG5VdMJv4o_L4NoCROHhtUQSLRh2M9cA";
    Algorithm algorithm = Algorithm.RSA256((RSAKey) readPublicKeyFromFile(INVALID_PUBLIC_KEY_FILE, "RSA"));
    algorithm.verify(JWT.decode(jwt));
}
 
Example #29
Source File: EncryptionUtil.java    From AndroidHttpCapture with MIT License 5 votes vote down vote up
/**
 * Returns the type of digital signature used with the specified signing key.
 *
 * @param signingKey private key that will be used to sign a certificate (or something else)
 * @return a string representing the digital signature type (ECDSA, RSA, etc.)
 */
public static String getDigitalSignatureType(Key signingKey) {
    if (signingKey instanceof ECKey) {
        return "ECDSA";
    } else if (signingKey instanceof RSAKey) {
        return "RSA";
    } else if (signingKey instanceof DSAKey) {
        return "DSA";
    } else {
        throw new IllegalArgumentException("Cannot determine digital signature encryption type for unknown key type: " + signingKey.getClass().getCanonicalName());
    }

}
 
Example #30
Source File: JwsUtils.java    From cxf with Apache License 2.0 5 votes vote down vote up
public static void checkSignatureKeySize(Key key) {
    if (key instanceof RSAKey && ((RSAKey)key).getModulus().bitLength() < 2048) {
        LOG.fine("A key of size: " + ((RSAKey)key).getModulus().bitLength()
                 + " was used with an RSA signature algorithm. 2048 is the minimum size that is accepted");
        throw new JwsException(JwsException.Error.INVALID_KEY);
    }
}