@Override public Key getPrivateKey() { return ((PublicJsonWebKey) key).getPrivateKey(); } }
return publicJsonWebKey.getPrivateKey();
ContentEncryptionKeys manageForEncrypt(Key managementKey, ContentEncryptionKeyDescriptor cekDesc, Headers headers, PublicJsonWebKey ephemeralJwk, ProviderContext providerContext) throws JoseException { headers.setJwkHeaderValue(HeaderParameterNames.EPHEMERAL_PUBLIC_KEY, ephemeralJwk); byte[] z = generateEcdhSecret(ephemeralJwk.getPrivateKey(), (PublicKey) managementKey, providerContext); byte[] derivedKey = kdf(cekDesc, headers, z, providerContext); return new ContentEncryptionKeys(derivedKey, null); }
/** * Configure json web signature for id token signing. * * @param svc the svc * @param jws the jws * @param jsonWebKey the json web key * @return the json web signature */ protected JsonWebSignature configureJsonWebSignatureForIdTokenSigning(final OAuthRegisteredService svc, final JsonWebSignature jws, final PublicJsonWebKey jsonWebKey) { LOGGER.debug("Service [{}] is set to sign id tokens", svc); jws.setKey(jsonWebKey.getPrivateKey()); jws.setAlgorithmConstraints(AlgorithmConstraints.DISALLOW_NONE); if (StringUtils.isNotBlank(jsonWebKey.getKeyId())) { jws.setKeyIdHeaderValue(jsonWebKey.getKeyId()); } LOGGER.debug("Signing id token with key id header value [{}]", jws.getKeyIdHeaderValue()); jws.setAlgorithmHeaderValue(getJsonWebKeySigningAlgorithm(svc)); LOGGER.debug("Signing id token with algorithm [{}]", jws.getAlgorithmHeaderValue()); return jws; }
public boolean testDecryptWithJose4J(String jwe) { try { PublicJsonWebKey jwk = PublicJsonWebKey.Factory.newPublicJwk(recipientJwkJson); JsonWebEncryption receiverJwe = new JsonWebEncryption(); AlgorithmConstraints algConstraints = new AlgorithmConstraints(ConstraintType.WHITELIST, KeyManagementAlgorithmIdentifiers.RSA_OAEP); receiverJwe.setAlgorithmConstraints(algConstraints); AlgorithmConstraints encConstraints = new AlgorithmConstraints(ConstraintType.WHITELIST, ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); receiverJwe.setContentEncryptionAlgorithmConstraints(encConstraints); receiverJwe.setKey(jwk.getPrivateKey()); receiverJwe.setCompactSerialization(jwe); final String decryptedPayload = new String(Base64Util.base64urldecode(receiverJwe.getPlaintextString())); System.out.println("Jose4j decrypt succeed: " + decryptedPayload); if (decryptedPayload.equals(PAYLOAD)) { return true; } } catch (Exception e) { System.out.println("Jose4j decrypt failed: " + e.getMessage()); e.printStackTrace(); } return false; }