@Override public boolean matches(final X509Certificate cert) { RSAPublicKey certRSAKey; try { certRSAKey = (RSAPublicKey) getParsedX509CertChain().get(0).getPublicKey(); } catch (ClassCastException ex) { return false; } if (! e.decodeToBigInteger().equals(certRSAKey.getPublicExponent())) { return false; } if (! n.decodeToBigInteger().equals(certRSAKey.getModulus())) { return false; } return true; }
/** * Returns a standard {@code java.security.interfaces.RSAPublicKey} * representation of this RSA JWK. * * @return The public RSA key. * * @throws JOSEException If RSA is not supported by the underlying Java * Cryptography (JCA) provider or if the JWK * parameters are invalid for a public RSA key. */ public RSAPublicKey toRSAPublicKey() throws JOSEException { BigInteger modulus = n.decodeToBigInteger(); BigInteger exponent = e.decodeToBigInteger(); RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus, exponent); try { KeyFactory factory = KeyFactory.getInstance("RSA"); return (RSAPublicKey) factory.generatePublic(spec); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw new JOSEException(e.getMessage(), e); } }
/** * Ensures the specified 'x' and 'y' public coordinates are on the * given curve. * * @param crv The curve. Must not be {@code null}. * @param x The public 'x' coordinate. Must not be {@code null}. * @param y The public 'y' coordinate. Must not be {@code null}. */ private static void ensurePublicCoordinatesOnCurve(final Curve crv, final Base64URL x, final Base64URL y) { if (! SUPPORTED_CURVES.contains(crv)) { throw new IllegalArgumentException("Unknown / unsupported curve: " + crv); } if (! ECChecks.isPointOnCurve(x.decodeToBigInteger(), y.decodeToBigInteger(), crv.toECParameterSpec())) { throw new IllegalArgumentException("Invalid EC JWK: The 'x' and 'y' public coordinates are not on the " + crv + " curve"); } }
BigInteger modulus = n.decodeToBigInteger(); BigInteger privateExponent = d.decodeToBigInteger(); BigInteger publicExponent = e.decodeToBigInteger(); BigInteger primeP = p.decodeToBigInteger(); BigInteger primeQ = q.decodeToBigInteger(); BigInteger primeExponentP = dp.decodeToBigInteger(); BigInteger primeExponentQ = dq.decodeToBigInteger(); BigInteger crtCoefficient = qi.decodeToBigInteger(); BigInteger otherPrime = opi.getPrimeFactor().decodeToBigInteger(); BigInteger otherPrimeExponent = opi.getFactorCRTExponent().decodeToBigInteger(); BigInteger otherCrtCoefficient = opi.getFactorCRTCoefficient().decodeToBigInteger();
@Override public boolean matches(final X509Certificate cert) { ECPublicKey certECKey; try { certECKey = (ECPublicKey) getParsedX509CertChain().get(0).getPublicKey(); } catch (ClassCastException ex) { return false; } // Compare Big Ints, base64url encoding may have padding! // https://tools.ietf.org/html/rfc7518#section-6.2.1.2 if (! getX().decodeToBigInteger().equals(certECKey.getW().getAffineX())) { return false; } if (! getY().decodeToBigInteger().equals(certECKey.getW().getAffineY())) { return false; } return true; }
ECPoint w = new ECPoint(x.decodeToBigInteger(), y.decodeToBigInteger());
ECPrivateKeySpec privateKeySpec = new ECPrivateKeySpec(d.decodeToBigInteger(), spec);