RSAAlgorithm.java example

Explorer

java-jwt-master
- lib
  - src
    - main
      - java
        com
        auth0
        jwt
        ClockImpl.java
        JWT.java
        JWTCreator.java
        JWTDecoder.java
        JWTVerifier.java
        TokenUtils.java
        algorithms
        Algorithm.java
        CryptoHelper.java
        ECDSAAlgorithm.java
        HMACAlgorithm.java
        NoneAlgorithm.java
        RSAAlgorithm.java
        exceptions
        AlgorithmMismatchException.java
        InvalidClaimException.java
        JWTCreationException.java
        JWTDecodeException.java
        JWTVerificationException.java
        SignatureGenerationException.java
        SignatureVerificationException.java
        TokenExpiredException.java
        impl
        BasicHeader.java
        ClaimsHolder.java
        HeaderDeserializer.java
        JWTParser.java
        JsonNodeClaim.java
        NullClaim.java
        PayloadDeserializer.java
        PayloadImpl.java
        PayloadSerializer.java
        PublicClaims.java
        interfaces
        Claim.java
        Clock.java
        DecodedJWT.java
        ECDSAKeyProvider.java
        Header.java
        JWTPartsParser.java
        KeyProvider.java
        Payload.java
        RSAKeyProvider.java
        Verification.java
    - test
      - java
        com
        auth0
        jwt
        ClockImplTest.java
        ConcurrentVerifyTest.java
        JWTCreatorTest.java
        JWTDecoderTest.java
        JWTTest.java
        JWTVerifierTest.java
        JsonMatcher.java
        PemUtils.java
        TokenUtilsTest.java
        UserPojo.java
        algorithms
        AlgorithmTest.java
        ECDSAAlgorithmTest.java
        HMACAlgorithmTest.java
        NoneAlgorithmTest.java
        RSAAlgorithmTest.java
        impl
        BasicHeaderTest.java
        ClaimsHolderTest.java
        HeaderDeserializerTest.java
        JWTParserTest.java
        JsonNodeClaimTest.java
        NullClaimTest.java
        PayloadDeserializerTest.java
        PayloadImplTest.java
        PayloadSerializerTest.java

package com.auth0.jwt.algorithms;

import com.auth0.jwt.exceptions.SignatureGenerationException;
import com.auth0.jwt.exceptions.SignatureVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.RSAKeyProvider;
import org.apache.commons.codec.binary.Base64;

import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

class RSAAlgorithm extends Algorithm {

    private final RSAKeyProvider keyProvider;
    private final CryptoHelper crypto;

    //Visible for testing
    RSAAlgorithm(CryptoHelper crypto, String id, String algorithm, RSAKeyProvider keyProvider) throws IllegalArgumentException {
        super(id, algorithm);
        if (keyProvider == null) {
            throw new IllegalArgumentException("The Key Provider cannot be null.");
        }
        this.keyProvider = keyProvider;
        this.crypto = crypto;
    }

    RSAAlgorithm(String id, String algorithm, RSAKeyProvider keyProvider) throws IllegalArgumentException {
        this(new CryptoHelper(), id, algorithm, keyProvider);
    }

    @Override
    public void verify(DecodedJWT jwt) throws SignatureVerificationException {
        byte[] contentBytes = String.format("%s.%s", jwt.getHeader(), jwt.getPayload()).getBytes(StandardCharsets.UTF_8);
        byte[] signatureBytes = Base64.decodeBase64(jwt.getSignature());

        try {
            RSAPublicKey publicKey = keyProvider.getPublicKeyById(jwt.getKeyId());
            if (publicKey == null) {
                throw new IllegalStateException("The given Public Key is null.");
            }
            boolean valid = crypto.verifySignatureFor(getDescription(), publicKey, contentBytes, signatureBytes);
            if (!valid) {
                throw new SignatureVerificationException(this);
            }
        } catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException | IllegalStateException e) {
            throw new SignatureVerificationException(this, e);
        }
    }

    @Override
    public byte[] sign(byte[] contentBytes) throws SignatureGenerationException {
        try {
            RSAPrivateKey privateKey = keyProvider.getPrivateKey();
            if (privateKey == null) {
                throw new IllegalStateException("The given Private Key is null.");
            }
            return crypto.createSignatureFor(getDescription(), privateKey, contentBytes);
        } catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException | IllegalStateException e) {
            throw new SignatureGenerationException(this, e);
        }
    }

    @Override
    public String getSigningKeyId() {
        return keyProvider.getPrivateKeyId();
    }

    //Visible for testing
    static RSAKeyProvider providerForKeys(final RSAPublicKey publicKey, final RSAPrivateKey privateKey) {
        if (publicKey == null && privateKey == null) {
            throw new IllegalArgumentException("Both provided Keys cannot be null.");
        }
        return new RSAKeyProvider() {
            @Override
            public RSAPublicKey getPublicKeyById(String keyId) {
                return publicKey;
            }

            @Override
            public RSAPrivateKey getPrivateKey() {
                return privateKey;
            }

            @Override
            public String getPrivateKeyId() {
                return null;
            }
        };
    }
}