All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bdware.irp.crypto.util.GlobalUtils Maven / Gradle / Ivy

There is a newer version: 1.5.4
Show newest version
package org.bdware.irp.crypto.util;

import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.ECDSASigner;
import com.nimbusds.jose.crypto.ECDSAVerifier;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.KeyType;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bdware.irp.irplib.exception.IrpMessageCredentialException;
import org.bdware.irp.irplib.util.IrpCommon;

import java.io.FileInputStream;
import java.io.IOException;
import java.text.ParseException;

public class GlobalUtils {
    private static Logger logger = LogManager.getLogger(GlobalUtils.class);



    public static final byte[] getDigestAlgFromSignature(String sigAlgorithm) throws IrpMessageCredentialException {
        if (sigAlgorithm.startsWith("SHA1"))
            return IrpCommon.CREDENTIAL_DIGEST_ALG_SHA1;
        else if (sigAlgorithm.startsWith("MD5"))
            return IrpCommon.CREDENTIAL_DIGEST_ALG_MD5;
        else
            throw new IrpMessageCredentialException("Unsupported digest algorithm for signature: " + sigAlgorithm);
    }

    public static final String signByteArrayByJWK(byte[] data, JWK jwk) throws JOSEException {
        JWSSigner jwsSigner;
        JWSObject jwsObject;

        if (jwk.getKeyType() == KeyType.RSA) {
            jwsSigner = new RSASSASigner(jwk.toRSAKey());
            jwsObject = new JWSObject(
                    new JWSHeader.Builder(JWSAlgorithm.RS256).keyID(jwk.getKeyID()).build(),
                    new Payload(data));
        } else if (jwk.getKeyType() == KeyType.EC) {
            jwsSigner = new ECDSASigner(jwk.toECKey());
            jwsObject = new JWSObject(
                    new JWSHeader.Builder(JWSAlgorithm.ES256).keyID(jwk.getKeyID()).build(),
                    new Payload(data));
        } else {
            logger.error("unsupported jwk Algorithm");
            return null;
        }
        //Compute the EC signature
        jwsObject.sign(jwsSigner);

        return jwsObject.serialize(true);
    }

    public static final boolean verifySigByJWK(byte[] messageBody, String signature, String pkInfo) {
        if (messageBody == null || signature == null || pkInfo == null) {
            logger.error("SignatureInfo missing!");
            return false;
        }
        try {
            JWSObject verify = JWSObject.parse(signature, new Payload(messageBody));
            //parse public key string
            JWK pkToVerify = JWK.parse(pkInfo);
            JWSVerifier verifier;
            if (pkToVerify.getKeyType() == KeyType.RSA) {
                verifier = new RSASSAVerifier(pkToVerify.toRSAKey().toRSAPublicKey());
            } else if (pkToVerify.getKeyType() == KeyType.EC) {
                verifier = new ECDSAVerifier(pkToVerify.toECKey().toECPublicKey());
            } else {
                logger.error("unsupported Algorithm");
                return false;
            }
            if (verify.verify(verifier)) {
                return true;
            } else {
                logger.error("verify the message failed!");
                return false;
            }
        } catch (ParseException e) {
            logger.error("parse the pk error");
            return false;
        } catch (JOSEException e) {
            e.printStackTrace();
            return false;
        }
    }

    public static JWK loadKeysFromJWKFile(String jwkFilePath) throws IOException, ParseException {
        FileInputStream fi = new FileInputStream(jwkFilePath);
        byte[] jwkB = new byte[fi.available()];
        fi.read(jwkB);
        String jwkS = new String(jwkB);
        logger.info(jwkS);
        return JWK.parse(jwkS);
    }

    public static JWK loadKeysFromJWKStr(String jwkStr) throws ParseException {
        return JWK.parse(jwkStr);
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy