List of usage examples for org.bouncycastle.jce.provider BouncyCastleProvider PROVIDER_NAME
String PROVIDER_NAME
To view the source code for org.bouncycastle.jce.provider BouncyCastleProvider PROVIDER_NAME.
Click Source Link
From source file:no.digipost.api.useragreements.client.security.CryptoUtil.java
License:Apache License
public static void addBouncyCastleProviderAndVerify_AES256_CBC_Support() { try {/* ww w. j a v a 2 s . c om*/ Security.addProvider(new BouncyCastleProvider()); LOG.debug("Registered BouncyCastleProvider"); new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC) .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(); LOG.debug("Support for AES256_CBC ok"); } catch (CMSException e) { throw new RuntimeException( "Feil under initialisering av algoritmer. Er Java Cryptographic Excetsions (JCE) installert?", e); } }
From source file:org.apache.coheigea.cxf.jaxrs.jwe.JWETest.java
License:Apache License
@AfterClass public static void cleanup() throws Exception { Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); }
From source file:org.apache.cxf.rs.security.jose.cookbook.JwsJoseCookBookTest.java
License:Apache License
@Test public void testRSAPSSSignature() throws Exception { try {// ww w .j a v a 2s. co m Cipher.getInstance(AlgorithmUtils.PS_SHA_384_JAVA); } catch (Throwable t) { Security.addProvider(new BouncyCastleProvider()); } JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD); compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.PS384); compactProducer.getJwsHeaders().setKeyId(RSA_KID_VALUE); JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter(); assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), RSA_PSS_SIGNATURE_PROTECTED_HEADER_JSON); assertEquals(compactProducer.getUnsignedEncodedJws(), RSA_PSS_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD); JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt"); List<JsonWebKey> keys = jwks.getKeys(); JsonWebKey rsaKey = keys.get(1); compactProducer.signWith(rsaKey); assertEquals(compactProducer.getSignedEncodedJws().length(), (RSA_PSS_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD + "." + RSA_PSS_SIGNATURE_VALUE) .length()); JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws()); JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt"); List<JsonWebKey> publicKeys = publicJwks.getKeys(); JsonWebKey rsaPublicKey = publicKeys.get(1); assertTrue(compactConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.PS384)); JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD); assertEquals(jsonProducer.getPlainPayload(), PAYLOAD); assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD); JwsHeaders protectedHeader = new JwsHeaders(); protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.PS384); protectedHeader.setKeyId(RSA_KID_VALUE); jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.PS384), protectedHeader); assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), RSA_PSS_JSON_GENERAL_SERIALIZATION.length()); JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument()); assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.PS384)); jsonProducer = new JwsJsonProducer(PAYLOAD, true); jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.PS384), protectedHeader); assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), RSA_PSS_JSON_FLATTENED_SERIALIZATION.length()); jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument()); assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.PS384)); Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); }
From source file:org.apache.cxf.rs.security.jose.cookbook.JwsJoseCookBookTest.java
License:Apache License
@Test public void testECDSASignature() throws Exception { try {//w w w. j a va2 s . c om Cipher.getInstance(AlgorithmUtils.ES_SHA_512_JAVA); } catch (Throwable t) { Security.addProvider(new BouncyCastleProvider()); } try { JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD); compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.ES512); compactProducer.getJwsHeaders().setKeyId(ECDSA_KID_VALUE); JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter(); assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), ECDSA_SIGNATURE_PROTECTED_HEADER_JSON); assertEquals(compactProducer.getUnsignedEncodedJws(), ECSDA_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD); JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt"); List<JsonWebKey> keys = jwks.getKeys(); JsonWebKey ecKey = keys.get(0); compactProducer.signWith( new EcDsaJwsSignatureProvider(JwkUtils.toECPrivateKey(ecKey), SignatureAlgorithm.ES512)); assertEquals(compactProducer.getUnsignedEncodedJws(), ECSDA_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD); assertEquals(132, Base64UrlUtility.decode(compactProducer.getEncodedSignature()).length); JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws()); JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt"); List<JsonWebKey> publicKeys = publicJwks.getKeys(); JsonWebKey ecPublicKey = publicKeys.get(0); assertTrue(compactConsumer.verifySignatureWith(ecPublicKey, SignatureAlgorithm.ES512)); } finally { Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); } }
From source file:org.apache.cxf.rs.security.jose.cookbook.JwsJoseCookBookTest.java
License:Apache License
@Test public void testMultipleSignatures() throws Exception { try {//from ww w .j a va 2 s .c o m Cipher.getInstance(AlgorithmUtils.ES_SHA_512_JAVA); } catch (Throwable t) { Security.addProvider(new BouncyCastleProvider()); } try { JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD); assertEquals(jsonProducer.getPlainPayload(), PAYLOAD); assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD); JwsHeaders firstSignerProtectedHeader = new JwsHeaders(); firstSignerProtectedHeader.setSignatureAlgorithm(SignatureAlgorithm.RS256); JwsHeaders firstSignerUnprotectedHeader = new JwsHeaders(); firstSignerUnprotectedHeader.setKeyId(RSA_KID_VALUE); JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt"); List<JsonWebKey> keys = jwks.getKeys(); JsonWebKey rsaKey = keys.get(1); jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.RS256), firstSignerProtectedHeader, firstSignerUnprotectedHeader); assertEquals(jsonProducer.getSignatureEntries().get(0).toJson(), FIRST_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES); JwsHeaders secondSignerUnprotectedHeader = new JwsHeaders(); secondSignerUnprotectedHeader.setSignatureAlgorithm(SignatureAlgorithm.ES512); secondSignerUnprotectedHeader.setKeyId(ECDSA_KID_VALUE); JsonWebKey ecKey = keys.get(0); jsonProducer.signWith(JwsUtils.getSignatureProvider(ecKey, SignatureAlgorithm.ES512), null, secondSignerUnprotectedHeader); assertEquals( new JsonMapObjectReaderWriter() .toJson(jsonProducer.getSignatureEntries().get(1).getUnprotectedHeader()), SECOND_SIGNATURE_UNPROTECTED_HEADER_MULTIPLE_SIGNATURES); assertEquals(jsonProducer.getSignatureEntries().get(1).toJson().length(), SECOND_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES.length()); JwsHeaders thirdSignerProtectedHeader = new JwsHeaders(); thirdSignerProtectedHeader.setSignatureAlgorithm(SignatureAlgorithm.HS256); thirdSignerProtectedHeader.setKeyId(HMAC_KID_VALUE); JsonWebKeys secretJwks = readKeySet("cookbookSecretSet.txt"); List<JsonWebKey> secretKeys = secretJwks.getKeys(); JsonWebKey hmacKey = secretKeys.get(0); jsonProducer.signWith(JwsUtils.getSignatureProvider(hmacKey, SignatureAlgorithm.HS256), thirdSignerProtectedHeader); assertEquals(jsonProducer.getSignatureEntries().get(2).toJson(), THIRD_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES); assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), MULTIPLE_SIGNATURES_JSON_GENERAL_SERIALIZATION.length()); JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument()); JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt"); List<JsonWebKey> publicKeys = publicJwks.getKeys(); JsonWebKey rsaPublicKey = publicKeys.get(1); JsonWebKey ecPublicKey = publicKeys.get(0); assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.RS256)); assertTrue(jsonConsumer.verifySignatureWith(ecPublicKey, SignatureAlgorithm.ES512)); assertTrue(jsonConsumer.verifySignatureWith(hmacKey, SignatureAlgorithm.HS256)); } finally { Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); } }
From source file:org.apache.cxf.rs.security.jose.jwe.JweCompactReaderWriterTest.java
License:Apache License
@AfterClass public static void unregisterBouncyCastleIfNeeded() throws Exception { Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); }
From source file:org.apache.cxf.rs.security.jose.jwe.JwePbeHmacAesWrapTest.java
License:Apache License
@After public void unregisterBouncyCastleIfNeeded() throws Exception { Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); }
From source file:org.apache.cxf.rs.security.jose.jwk.JsonWebKeyTest.java
License:Apache License
@Test public void testEncryptDecryptPrivateSet() throws Exception { final String password = "Thus from my lips, by yours, my sin is purged."; Security.addProvider(new BouncyCastleProvider()); try {//from ww w . j a v a2 s . c o m JsonWebKeys jwks = readKeySet("jwkPrivateSet.txt"); validatePrivateSet(jwks); String encryptedKeySet = JwkUtils.encryptJwkSet(jwks, password.toCharArray()); JweCompactConsumer c = new JweCompactConsumer(encryptedKeySet); assertEquals("jwk-set+json", c.getJweHeaders().getContentType()); assertEquals(KeyAlgorithm.PBES2_HS256_A128KW, c.getJweHeaders().getKeyEncryptionAlgorithm()); assertEquals(ContentAlgorithm.A128CBC_HS256, c.getJweHeaders().getContentEncryptionAlgorithm()); assertNotNull(c.getJweHeaders().getHeader("p2s")); assertNotNull(c.getJweHeaders().getHeader("p2c")); jwks = JwkUtils.decryptJwkSet(encryptedKeySet, password.toCharArray()); validatePrivateSet(jwks); } finally { Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); } }
From source file:org.apache.cxf.rs.security.jose.jwk.JsonWebKeyTest.java
License:Apache License
@Test public void testEncryptDecryptPrivateKey() throws Exception { final String password = "Thus from my lips, by yours, my sin is purged."; final String key = "{\"kty\":\"oct\"," + "\"alg\":\"A128KW\"," + "\"k\":\"GawgguFyGrWKav7AX4VKUg\"," + "\"kid\":\"AesWrapKey\"}"; Security.addProvider(new BouncyCastleProvider()); try {/*from w w w . java 2 s . c o m*/ JsonWebKey jwk = readKey(key); validateSecretAesKey(jwk); String encryptedKey = JwkUtils.encryptJwkKey(jwk, password.toCharArray()); JweCompactConsumer c = new JweCompactConsumer(encryptedKey); assertEquals("jwk+json", c.getJweHeaders().getContentType()); assertEquals(KeyAlgorithm.PBES2_HS256_A128KW, c.getJweHeaders().getKeyEncryptionAlgorithm()); assertEquals(ContentAlgorithm.A128CBC_HS256, c.getJweHeaders().getContentEncryptionAlgorithm()); assertNotNull(c.getJweHeaders().getHeader("p2s")); assertNotNull(c.getJweHeaders().getHeader("p2c")); jwk = JwkUtils.decryptJwkKey(encryptedKey, password.toCharArray()); validateSecretAesKey(jwk); } finally { Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); } }
From source file:org.apache.cxf.rs.security.jose.jws.JwsCompactReaderWriterTest.java
License:Apache License
@Test public void testJwsPsSha() throws Exception { Security.addProvider(new BouncyCastleProvider()); try {// w ww .j av a 2 s.c om JwsHeaders outHeaders = new JwsHeaders(); outHeaders.setSignatureAlgorithm(SignatureAlgorithm.PS256); JwsCompactProducer producer = initSpecJwtTokenWriter(outHeaders); PrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED, RSA_PRIVATE_EXPONENT_ENCODED); String signed = producer .signWith(new PrivateKeyJwsSignatureProvider(privateKey, SignatureAlgorithm.PS256)); JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(signed); RSAPublicKey key = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED); assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key, SignatureAlgorithm.PS256))); JwtToken token = jws.getJwtToken(); JwsHeaders inHeaders = new JwsHeaders(token.getJwsHeaders()); assertEquals(SignatureAlgorithm.PS256, inHeaders.getSignatureAlgorithm()); validateSpecClaim(token.getClaims()); } finally { Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); } }