本文整理汇总了Java中org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers类的典型用法代码示例。如果您正苦于以下问题:Java ContentEncryptionAlgorithmIdentifiers类的具体用法?Java ContentEncryptionAlgorithmIdentifiers怎么用?Java ContentEncryptionAlgorithmIdentifiers使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
ContentEncryptionAlgorithmIdentifiers类属于org.jose4j.jwe包,在下文中一共展示了ContentEncryptionAlgorithmIdentifiers类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: createJWT
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
/**
* Encrypt the otp to be send via mail
*/
@Override
public String createJWT(String userid, long ttlMillis) {
Key key = new AesKey(ConfigUtil.get(JWTKEY).getBytes());
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setKey(key);
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.A128KW);
jwe.setEncryptionMethodHeaderParameter(
ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
jwe.setPayload(userid + "&&" + ttlMillis);
try {
return jwe.getCompactSerialization();
} catch (JoseException e) {
xLogger.warn("Unable to get the jwt service: {0}", e.getMessage());
}
return null;
}
开发者ID:logistimo,项目名称:logistimo-web-service,代码行数:20,代码来源:AuthenticationServiceImpl.java
示例2: decryptJWT
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
/**
* Decrypt the otp received via mail
*/
@Override
public String decryptJWT(String token) {
JsonWebEncryption jwe = new JsonWebEncryption();
Key key = new AesKey(ConfigUtil.get(JWTKEY).getBytes());
jwe.setKey(key);
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.A128KW);
jwe.setEncryptionMethodHeaderParameter(
ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
try {
jwe.setCompactSerialization(token);
return jwe.getPayload();
} catch (JoseException e) {
xLogger.warn("Unable to get the jwt service: {0}", e.getMessage());
}
jwe.setKey(key);
return null;
}
开发者ID:logistimo,项目名称:logistimo-web-service,代码行数:21,代码来源:AuthenticationServiceImpl.java
示例3: testNpeWithNonExtractableKeyDataDirect
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
public void testNpeWithNonExtractableKeyDataDirect() throws Exception
{
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.DIRECT, ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256, "j-DJVQ9ftUV-muUT_-yjP6dB9kuypGeT6lEGpCKOi-c");
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.DIRECT, ContentEncryptionAlgorithmIdentifiers.AES_192_CBC_HMAC_SHA_384, "X--mSrs-JGaf0ulQQFSoJGH0vjrfe_c1X--mSrs-JGaf0ulQQFSoJGH0vjrfe_c1");
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.DIRECT, ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512, "j-DJVQ9ftUV-muUT_-yjP6dB9kuypGeT6lEGpCKOi-cj-DJVQ9ftUV-muUT_-yjP6dB9kuypGeT6lEGpCKOi-c");
JceProviderTestSupport jceProviderTestSupport = new JceProviderTestSupport();
jceProviderTestSupport.setEncryptionAlgsNeeded(AES_128_GCM, AES_192_GCM, AES_256_GCM);
jceProviderTestSupport.runWithBouncyCastleProviderIfNeeded(
new JceProviderTestSupport.RunnableTest()
{
@Override
public void runTest() throws Exception
{
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.DIRECT, AES_128_GCM, "mmp7iLc1cB7cQrEtqyb9c1");
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.DIRECT, AES_192_GCM, "X--mSrs-JGaf0ulQQFSoJGH0vjrfe_c1");
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.DIRECT, AES_256_GCM, "j-DJVQ9ftUV-muUT_-yjP6dB9kuypGeT6lEGpCKOi-c");
}
}
);
}
开发者ID:RbkGh,项目名称:Jose4j,代码行数:23,代码来源:JwtConsumerTest.java
示例4: testKdf1
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
public void testKdf1() throws Exception
{
// test values produced from implementation found at http://stackoverflow.com/questions/10879658
String derivedKey = "pgs50IOZ6BxfqvTSie4t9OjWxGr4whiHo1v9Dti93CRiJE2PP60FojLatVVrcjg3BxpuFjnlQxL97GOwAfcwLA";
byte[] z = Base64Url.decode("Sq8rGLm4rEtzScmnSsY5r1n-AqBl_iBU8FxN80Uc0S0");
System.out.println(Base64Url.encode(z));
KdfUtil kdfUtil = new KdfUtil();
int keyDatalen = 512;
String alg = ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512;
byte[] algId = kdfUtil.prependDatalen(StringUtil.getBytesUtf8(alg));
byte[] partyU = new byte[] {0, 0, 0, 0};
byte[] partyV = new byte[] {0, 0, 0, 0};
byte[] pub = ByteUtil.getBytes(keyDatalen);
byte[] priv = ByteUtil.EMPTY_BYTES;
ConcatKeyDerivationFunction myConcatKdf = new ConcatKeyDerivationFunction("SHA-256", null);
byte[] kdfed = myConcatKdf.kdf(z, keyDatalen, algId, partyU, partyV, pub, priv);
assertEquals(derivedKey, Base64Url.encode(kdfed));
}
开发者ID:RbkGh,项目名称:Jose4j,代码行数:22,代码来源:ConcatKeyDerivationFunctionTest.java
示例5: testKdf2
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
public void testKdf2() throws Exception
{
// test values produced from implementation found at http://stackoverflow.com/questions/10879658
String derivedKey = "vphyobtvExGXF7TaOvAkx6CCjHQNYamP2ET8xkhTu-0";
byte[] z = Base64Url.decode("LfkHot2nGTVlmfxbgxQfMg"); // ByteUtil.randomBytes(16);
System.out.println(Base64Url.encode(z));
KdfUtil kdfUtil = new KdfUtil(null);
int keyDatalen = 256;
String alg = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256;
byte[] algId = kdfUtil.prependDatalen(StringUtil.getBytesUtf8(alg));
byte[] partyU = new byte[] {0, 0, 0, 0};
byte[] partyV = new byte[] {0, 0, 0, 0};
byte[] pub = ByteUtil.getBytes(keyDatalen);
byte[] priv = ByteUtil.EMPTY_BYTES;
ConcatKeyDerivationFunction myConcatKdf = new ConcatKeyDerivationFunction("SHA-256", null);
byte[] kdfed = myConcatKdf.kdf(z, keyDatalen, algId, partyU, partyV, pub, priv);
assertEquals(derivedKey, Base64Url.encode(kdfed));
}
开发者ID:RbkGh,项目名称:Jose4j,代码行数:21,代码来源:ConcatKeyDerivationFunctionTest.java
示例6: testKdf4
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
public void testKdf4() throws Exception
{
// test values produced from implementation found at http://stackoverflow.com/questions/10879658
String derivedKey = "SNOvl6h5iSYWJ_EhlnvK8o6om9iyR8HkKMQtQYGkYKkVY0HFMleoUm-H6-kLz8sW";
byte[] z = Base64Url.decode("zp9Hot2noTVlmfxbkXqfn1");
KdfUtil kdfUtil = new KdfUtil();
int keyDatalen = 384;
String alg = ContentEncryptionAlgorithmIdentifiers.AES_192_CBC_HMAC_SHA_384;
byte[] algId = kdfUtil.prependDatalen(StringUtil.getBytesUtf8(alg));
byte[] partyU = new byte[] {0, 0, 0, 0};
byte[] partyV = new byte[] {0, 0, 0, 0};
byte[] pub = ByteUtil.getBytes(keyDatalen);
byte[] priv = ByteUtil.EMPTY_BYTES;
ConcatKeyDerivationFunction myConcatKdf = new ConcatKeyDerivationFunction("SHA-256");
byte[] kdfed = myConcatKdf.kdf(z, keyDatalen, algId, partyU, partyV, pub, priv);
assertEquals(derivedKey, Base64Url.encode(kdfed));
}
开发者ID:RbkGh,项目名称:Jose4j,代码行数:20,代码来源:ConcatKeyDerivationFunctionTest.java
示例7: encrypt
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
@Override public String encrypt(String data, PublicKey publicKey, String keyId, String contentType) throws JWEFailure {
String encrypted;
JsonWebEncryption jwe = new JsonWebEncryption();
try {
jwe.setKey(publicKey);
jwe.setPlaintext(data);
jwe.setKeyIdHeaderValue(keyId);
jwe.setContentTypeHeaderValue(contentType);
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);
jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512);
encrypted = jwe.getCompactSerialization();
} catch (JoseException e) {
throw new JWEFailure("An error occurred attempting to encrypt a JWE", e);
}
return encrypted;
}
开发者ID:iovation,项目名称:launchkey-java,代码行数:17,代码来源:Jose4jJWEService.java
示例8: aesEncryptDecrypt128
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void aesEncryptDecrypt128() throws Exception {
String keyText = "iue98623diDEs096";
String data = "I am marico";
Key key = new AesKey(keyText.getBytes());
//加密
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.A128KW);
jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
jwe.setKey(key);
jwe.setPayload(data);
String idToken = jwe.getCompactSerialization();
assertNotNull(idToken);
System.out.println(data + " idToken: " + idToken);
//解密
JsonWebEncryption jwe2 = new JsonWebEncryption();
jwe2.setKey(key);
jwe2.setCompactSerialization(idToken);
final String payload = jwe2.getPayload();
assertNotNull(payload);
assertEquals(payload, data);
}
开发者ID:monkeyk,项目名称:oauth2-shiro,代码行数:29,代码来源:Jose4JTest.java
示例9: aesEncryptDecrypt256
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void aesEncryptDecrypt256() throws Exception {
String keyText = "[email protected](*JKse09";
String data = "I am marico";
Key key = new AesKey(keyText.getBytes());
//加密
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.A256KW);
jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512);
jwe.setKey(key);
jwe.setPayload(data);
String idToken = jwe.getCompactSerialization();
assertNotNull(idToken);
System.out.println(data + " idToken: " + idToken);
//解密
JsonWebEncryption jwe2 = new JsonWebEncryption();
jwe2.setKey(key);
jwe2.setCompactSerialization(idToken);
final String payload = jwe2.getPayload();
assertNotNull(payload);
assertEquals(payload, data);
}
开发者ID:monkeyk,项目名称:oauth2-shiro,代码行数:29,代码来源:Jose4JTest.java
示例10: jweEncrypt
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
private static String jweEncrypt(Key key, String payload, boolean isPayloadJWT) throws Exception {
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(
KeyManagementAlgorithmIdentifiers.RSA_OAEP);
jwe.setEncryptionMethodHeaderParameter(
ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512);
jwe.setKey(key);
if (isPayloadJWT) jwe.setContentTypeHeaderValue("JWT");
jwe.setPayload(payload);
return jwe.getCompactSerialization();
}
开发者ID:gahana,项目名称:edge-jwt-sample,代码行数:12,代码来源:JWTUtil.java
示例11: jweDecrypt
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
private static String jweDecrypt(Key key, String jwt) throws Exception {
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmConstraints(
new AlgorithmConstraints(
ConstraintType.WHITELIST,
KeyManagementAlgorithmIdentifiers.RSA_OAEP));
jwe.setContentEncryptionAlgorithmConstraints(
new AlgorithmConstraints(
ConstraintType.WHITELIST,
ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512));
jwe.setCompactSerialization(jwt);
jwe.setKey(key);
return jwe.getPlaintextString();
}
开发者ID:gahana,项目名称:edge-jwt-sample,代码行数:15,代码来源:JWTUtil.java
示例12: jwtProcess
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
private static String jwtProcess(Key jweKey, Key jwsKey, String jwt) throws Exception {
AlgorithmConstraints jwsAlgConstraints =
new AlgorithmConstraints(
ConstraintType.WHITELIST,
AlgorithmIdentifiers.HMAC_SHA512);
AlgorithmConstraints jweAlgConstraints =
new AlgorithmConstraints(
ConstraintType.WHITELIST,
KeyManagementAlgorithmIdentifiers.RSA_OAEP);
AlgorithmConstraints jweEncConstraints =
new AlgorithmConstraints(
ConstraintType.WHITELIST,
ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512);
JwtConsumer jwtConsumer =
new JwtConsumerBuilder()
.setRequireExpirationTime()
.setMaxFutureValidityInMinutes(300)
.setRequireSubject()
.setExpectedIssuer("issue-idp-1")
.setExpectedAudience("aud-1", "aud-2")
.setDecryptionKey(jweKey)
.setVerificationKey(jwsKey)
.setRelaxVerificationKeyValidation()
.setJwsAlgorithmConstraints(jwsAlgConstraints)
.setJweAlgorithmConstraints(jweAlgConstraints)
.setJweContentEncryptionAlgorithmConstraints(jweEncConstraints)
.build();
try {
return jwtConsumer.processToClaims(jwt).toJson();
} catch (InvalidJwtException e) {
System.out.println("Invalid JWT! " + e);
return null;
}
}
开发者ID:gahana,项目名称:edge-jwt-sample,代码行数:39,代码来源:JWTUtil.java
示例13: testNpeWithNonExtractableKeyDataAxxxKW
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void testNpeWithNonExtractableKeyDataAxxxKW() throws Exception
{
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.A128KW, ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256, "mmp7iLc1cB7cQrEtqyb9c1");
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.A192KW, ContentEncryptionAlgorithmIdentifiers.AES_192_CBC_HMAC_SHA_384, "X--mSrs-JGaf0ulQQFSoJGH0vjrfe_c1");
littleJweRoundTrip(KeyManagementAlgorithmIdentifiers.A256KW, ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512, "j-DJVQ9ftUV-muUT_-yjP6dB9kuypGeT6lEGpCKOi-c");
}
开发者ID:RbkGh,项目名称:Jose4j,代码行数:8,代码来源:JwtConsumerTest.java
示例14: create
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
@NotNull
@Override
public JsonWebEncryption create() {
final JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.A128KW);
jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
jwe.setKey(key);
return jwe;
}
开发者ID:bozaro,项目名称:git-as-svn,代码行数:10,代码来源:EncryptionFactoryAes.java
示例15: jwtECIdTokenConsumer
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
/**
* JWT 生成 idToken+加密, 进行消费(consume)
* 使用EC
*
* @throws Exception
*/
@Test
public void jwtECIdTokenConsumer() throws Exception {
// String keyId = GuidGenerator.generate();
EllipticCurveJsonWebKey sendJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
sendJwk.setKeyId(GuidGenerator.generate());
final String publicKeyString = sendJwk.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY);
final String privateKeyString = sendJwk.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
System.out.println("publicKeyString: " + publicKeyString);
System.out.println("privateKeyString: " + privateKeyString);
//生成 idToken
final JwtClaims jwtClaims = getJwtClaims();
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(jwtClaims.toJson());
//私钥
jws.setKey(sendJwk.getPrivateKey());
jws.setKeyIdHeaderValue(sendJwk.getKeyId());
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
String innerIdToken = jws.getCompactSerialization();
assertNotNull(innerIdToken);
System.out.println("innerIdToken: " + innerIdToken);
//对 idToken 进行加密
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW);
String encAlg = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256;
jwe.setEncryptionMethodHeaderParameter(encAlg);
EllipticCurveJsonWebKey receiverJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
receiverJwk.setKeyId(GuidGenerator.generate());
jwe.setKey(receiverJwk.getPublicKey());
jwe.setKeyIdHeaderValue(receiverJwk.getKeyId());
jwe.setContentTypeHeaderValue("JWT");
jwe.setPayload(innerIdToken);
String idToken = jwe.getCompactSerialization();
assertNotNull(idToken);
System.out.println("idToken: " + idToken);
//解析idToken, 验签
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireExpirationTime() // the JWT must have an expiration time
.setRequireSubject() // the JWT must have a subject claim
.setExpectedIssuer("Issuer") // whom the JWT needs to have been issued by
.setExpectedAudience("Audience") // to whom the JWT is intended for
//解密的私钥
.setDecryptionKey(receiverJwk.getPrivateKey()) // decrypt with the receiver's private key
//验签的公钥
.setVerificationKey(sendJwk.getPublicKey()) // verify the signature with the sender's public key
.build(); // create the JwtConsumer instance
final JwtClaims claims = jwtConsumer.processToClaims(idToken);
assertNotNull(claims);
System.out.println(claims);
}
开发者ID:monkeyk,项目名称:oauth2-shiro,代码行数:72,代码来源:Jose4JTest.java
示例16: supportedAlgos
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
private static Map<String, String> supportedAlgos() {
// https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-3.1
// See jose4j javadoc http://static.javadoc.io/org.bitbucket.b_c/jose4j/0.5.6/org/jose4j/jws/AlgorithmIdentifiers.html
HashMap<String, String> algos = new HashMap<String, String>();
// Sign algos
algos.put("ECDSA_USING_P256_CURVE_AND_SHA256", AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
algos.put("ECDSA_USING_P384_CURVE_AND_SHA384", AlgorithmIdentifiers.ECDSA_USING_P384_CURVE_AND_SHA384);
algos.put("ECDSA_USING_P521_CURVE_AND_SHA512", AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512);
algos.put("HMAC_SHA256", AlgorithmIdentifiers.HMAC_SHA256);
algos.put("HMAC_SHA384", AlgorithmIdentifiers.HMAC_SHA384);
algos.put("HMAC_SHA512", AlgorithmIdentifiers.HMAC_SHA512);
algos.put("NONE", AlgorithmIdentifiers.NONE);
algos.put("RSA_PSS_USING_SHA256", AlgorithmIdentifiers.RSA_PSS_USING_SHA256);
algos.put("RSA_PSS_USING_SHA384", AlgorithmIdentifiers.RSA_PSS_USING_SHA384);
algos.put("RSA_PSS_USING_SHA512", AlgorithmIdentifiers.RSA_PSS_USING_SHA512);
algos.put("RSA_USING_SHA256", AlgorithmIdentifiers.RSA_USING_SHA256);
algos.put("RSA_USING_SHA384", AlgorithmIdentifiers.RSA_USING_SHA384);
algos.put("RSA_USING_SHA512", AlgorithmIdentifiers.RSA_USING_SHA512);
// Key Management Algos
algos.put("A128GCMKW", KeyManagementAlgorithmIdentifiers.A128GCMKW);
algos.put("A128KW", KeyManagementAlgorithmIdentifiers.A128KW);
algos.put("A192GCMKW", KeyManagementAlgorithmIdentifiers.A192GCMKW);
algos.put("A192KW", KeyManagementAlgorithmIdentifiers.A192KW);
algos.put("A256GCMKW", KeyManagementAlgorithmIdentifiers.A256GCMKW);
algos.put("A256KW", KeyManagementAlgorithmIdentifiers.A256KW);
algos.put("DIRECT", KeyManagementAlgorithmIdentifiers.DIRECT);
algos.put("ECDH_ES", KeyManagementAlgorithmIdentifiers.ECDH_ES);
algos.put("ECDH_ES_A128KW", KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW);
algos.put("ECDH_ES_A192KW", KeyManagementAlgorithmIdentifiers.ECDH_ES_A192KW);
algos.put("ECDH_ES_A256KW", KeyManagementAlgorithmIdentifiers.ECDH_ES_A256KW);
algos.put("PBES2_HS256_A128KW", KeyManagementAlgorithmIdentifiers.PBES2_HS256_A128KW);
algos.put("PBES2_HS384_A192KW", KeyManagementAlgorithmIdentifiers.PBES2_HS384_A192KW);
algos.put("PBES2_HS512_A256KW", KeyManagementAlgorithmIdentifiers.PBES2_HS512_A256KW);
algos.put("RSA_OAEP", KeyManagementAlgorithmIdentifiers.RSA_OAEP);
algos.put("RSA_OAEP_256", KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);
algos.put("RSA1_5", KeyManagementAlgorithmIdentifiers.RSA1_5);
// Content encryption algos
algos.put("AES_128_CBC_HMAC_SHA_256", ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
algos.put("AES_128_GCM", ContentEncryptionAlgorithmIdentifiers.AES_128_GCM);
algos.put("AES_192_CBC_HMAC_SHA_384", ContentEncryptionAlgorithmIdentifiers.AES_192_CBC_HMAC_SHA_384);
algos.put("AES_192_GCM", ContentEncryptionAlgorithmIdentifiers.AES_192_GCM);
algos.put("AES_256_CBC_HMAC_SHA_512", ContentEncryptionAlgorithmIdentifiers.AES_256_CBC_HMAC_SHA_512);
algos.put("AES_256_GCM", ContentEncryptionAlgorithmIdentifiers.AES_256_GCM);
return algos;
}
开发者ID:gahana,项目名称:edge-jwt-sample,代码行数:50,代码来源:JWTValidator.java
示例17: jwtECIdTokenConsumer
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
/**
* JWT 生成 idToken+加密, 进行消费(consume)
* 使用EC
*
* @throws Exception
*/
@Test
public void jwtECIdTokenConsumer() throws Exception {
// String keyId = GuidGenerator.generate();
EllipticCurveJsonWebKey sendJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
sendJwk.setKeyId(RandomUtils.randomText());
final String publicKeyString = sendJwk.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY);
final String privateKeyString = sendJwk.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
System.out.println("publicKeyString: " + publicKeyString);
System.out.println("privateKeyString: " + privateKeyString);
//生成 idToken
final JwtClaims jwtClaims = getJwtClaims();
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(jwtClaims.toJson());
//私钥
jws.setKey(sendJwk.getPrivateKey());
jws.setKeyIdHeaderValue(sendJwk.getKeyId());
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256);
String innerIdToken = jws.getCompactSerialization();
assertNotNull(innerIdToken);
System.out.println("innerIdToken: " + innerIdToken);
//对 idToken 进行加密
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW);
String encAlg = ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256;
jwe.setEncryptionMethodHeaderParameter(encAlg);
EllipticCurveJsonWebKey receiverJwk = EcJwkGenerator.generateJwk(EllipticCurves.P256);
receiverJwk.setKeyId(RandomUtils.randomText());
jwe.setKey(receiverJwk.getPublicKey());
jwe.setKeyIdHeaderValue(receiverJwk.getKeyId());
jwe.setContentTypeHeaderValue("JWT");
jwe.setPayload(innerIdToken);
String idToken = jwe.getCompactSerialization();
assertNotNull(idToken);
System.out.println("idToken: " + idToken);
//解析idToken, 验签
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireExpirationTime() // the JWT must have an expiration time
.setRequireSubject() // the JWT must have a subject claim
.setExpectedIssuer("Issuer") // whom the JWT needs to have been issued by
.setExpectedAudience("Audience") // to whom the JWT is intended for
//解密的私钥
.setDecryptionKey(receiverJwk.getPrivateKey()) // decrypt with the receiver's private key
//验签的公钥
.setVerificationKey(sendJwk.getPublicKey()) // verify the signature with the sender's public key
.build(); // create the JwtConsumer instance
final JwtClaims claims = jwtConsumer.processToClaims(idToken);
assertNotNull(claims);
System.out.println(claims);
}
开发者ID:monkeyk,项目名称:MyOIDC,代码行数:72,代码来源:Jose4JTest.java
示例18: jweRoundTripExample
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void jweRoundTripExample() throws JoseException
{
//
// An example showing the use of JSON Web Encryption (JWE) to encrypt and then decrypt some content
// using a symmetric key and direct encryption.
//
// The content to be encrypted
String message = "Well, as of this moment, they're on DOUBLE SECRET PROBATION!";
// The shared secret or shared symmetric key represented as a octet sequence JSON Web Key (JWK)
String jwkJson = "{\"kty\":\"oct\",\"k\":\"Fdh9u8rINxfivbrianbbVT1u232VQBZYKx1HGAGPt2I\"}";
JsonWebKey jwk = JsonWebKey.Factory.newJwk(jwkJson);
// Create a new Json Web Encryption object
JsonWebEncryption senderJwe = new JsonWebEncryption();
// The plaintext of the JWE is the message that we want to encrypt.
senderJwe.setPlaintext(message);
// Set the "alg" header, which indicates the key management mode for this JWE.
// In this example we are using the direct key management mode, which means
// the given key will be used directly as the content encryption key.
senderJwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.DIRECT);
// Set the "enc" header, which indicates the content encryption algorithm to be used.
// This example is using AES_128_CBC_HMAC_SHA_256 which is a composition of AES CBC
// and HMAC SHA2 that provides authenticated encryption.
senderJwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
// Set the key on the JWE. In this case, using direct mode, the key will used directly as
// the content encryption key. AES_128_CBC_HMAC_SHA_256, which is being used to encrypt the
// content requires a 256 bit key.
senderJwe.setKey(jwk.getKey());
// Produce the JWE compact serialization, which is where the actual encryption is done.
// The JWE compact serialization consists of five base64url encoded parts
// combined with a dot ('.') character in the general format of
// <header>.<encrypted key>.<initialization vector>.<ciphertext>.<authentication tag>
// Direct encryption doesn't use an encrypted key so that field will be an empty string
// in this case.
String compactSerialization = senderJwe.getCompactSerialization();
// Do something with the JWE. Like send it to some other party over the clouds
// and through the interwebs.
System.out.println("JWE compact serialization: " + compactSerialization);
// That other party, the receiver, can then use JsonWebEncryption to decrypt the message.
JsonWebEncryption receiverJwe = new JsonWebEncryption();
// Set the compact serialization on new Json Web Encryption object
receiverJwe.setCompactSerialization(compactSerialization);
// Symmetric encryption, like we are doing here, requires that both parties have the same key.
// The key will have had to have been securely exchanged out-of-band somehow.
receiverJwe.setKey(jwk.getKey());
// Get the message that was encrypted in the JWE. This step performs the actual decryption steps.
String plaintext = receiverJwe.getPlaintextString();
// And do whatever you need to do with the clear text message.
System.out.println("plaintext: " + plaintext);
}
开发者ID:RbkGh,项目名称:Jose4j,代码行数:65,代码来源:ExamplesTest.java
示例19: ctyRoundTrip
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
@Test
public void ctyRoundTrip() throws JoseException, InvalidJwtException, MalformedClaimException
{
JsonWebKeySet jwks = new JsonWebKeySet("{\"keys\":[" +
"{\"kty\":\"oct\",\"kid\":\"hk1\",\"alg\":\"HS256\",\"k\":\"RYCCH0Qai_7Clk_GnfBElTFIa5VJP3pJUDd8g5H0PKs\"}," +
"{\"kty\":\"oct\",\"kid\":\"ek1\",\"alg\":\"A128KW\",\"k\":\"Qi38jqNMENlgKaVRbhKWnQ\"}]}");
SimpleJwkFilter filter = new SimpleJwkFilter();
filter.setKid("hk1", false);
JsonWebKey hmacKey = filter.filter(jwks.getJsonWebKeys()).iterator().next();
filter = new SimpleJwkFilter();
filter.setKid("ek1", false);
JsonWebKey encKey = filter.filter(jwks.getJsonWebKeys()).iterator().next();
JwtClaims claims = new JwtClaims();
claims.setSubject("subject");
claims.setAudience("audience");
claims.setIssuer("issuer");
claims.setExpirationTimeMinutesInTheFuture(10);
claims.setNotBeforeMinutesInThePast(5);
claims.setGeneratedJwtId();
JsonWebSignature jws = new JsonWebSignature();
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA256);
jws.setPayload(claims.toJson());
jws.setKey(hmacKey.getKey());
jws.setKeyIdHeaderValue(hmacKey.getKeyId());
String innerJwt = jws.getCompactSerialization();
JsonWebEncryption jwe = new JsonWebEncryption();
jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.A128KW);
jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256);
jwe.setKey(encKey.getKey());
jwe.setKeyIdHeaderValue(encKey.getKeyId());
jwe.setContentTypeHeaderValue("JWT");
jwe.setPayload(innerJwt);
String jwt = jwe.getCompactSerialization();
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setExpectedIssuer("issuer")
.setExpectedAudience("audience")
.setRequireSubject()
.setRequireExpirationTime()
.setDecryptionKey(encKey.getKey())
.setVerificationKey(hmacKey.getKey())
.build();
JwtContext jwtContext = jwtConsumer.process(jwt);
Assert.assertThat("subject", equalTo(jwtContext.getJwtClaims().getSubject()));
List<JsonWebStructure> joseObjects = jwtContext.getJoseObjects();
JsonWebStructure outerJsonWebObject = joseObjects.get(joseObjects.size() - 1);
Assert.assertTrue(outerJsonWebObject instanceof JsonWebEncryption);
Assert.assertThat("JWT", equalTo(outerJsonWebObject.getContentTypeHeaderValue()));
Assert.assertThat("JWT", equalTo(outerJsonWebObject.getHeader(HeaderParameterNames.CONTENT_TYPE)));
Assert.assertThat("JWT", equalTo(outerJsonWebObject.getHeaders().getStringHeaderValue(HeaderParameterNames.CONTENT_TYPE)));
JsonWebStructure innerJsonWebObject = joseObjects.get(0);
Assert.assertTrue(innerJsonWebObject instanceof JsonWebSignature);
}
开发者ID:RbkGh,项目名称:Jose4j,代码行数:60,代码来源:JwtConsumerTest.java
示例20: DefaultCipherExecutor
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; //导入依赖的package包/类
/**
* Instantiates a new cipher.
*
* <p>Note that in order to customize the encryption algorithms,
* you will need to download and install the JCE Unlimited Strength Jurisdiction
* Policy File into your Java installation.</p>
* @param secretKeyEncryption the secret key encryption; must be represented as a octet sequence JSON Web Key (JWK)
* @param secretKeySigning the secret key signing; must be represented as a octet sequence JSON Web Key (JWK)
*/
public DefaultCipherExecutor(final String secretKeyEncryption,
final String secretKeySigning) {
this(secretKeyEncryption, secretKeySigning,
ContentEncryptionAlgorithmIdentifiers.AES_128_CBC_HMAC_SHA_256,
AlgorithmIdentifiers.HMAC_SHA512);
}
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:16,代码来源:DefaultCipherExecutor.java
注:本文中的org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论