• Home
• org.jboss.resteasy
• jose-jwt
• 5.0.9.Final
• source code
• RSADecrypter.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.jboss.resteasy.jose.jwe.crypto.RSADecrypter Maven / Gradle / Ivy

package org.jboss.resteasy.jose.jwe.crypto;

import java.nio.charset.StandardCharsets;
import java.security.interfaces.RSAPrivateKey;
import java.util.Base64;

import javax.crypto.SecretKey;

import org.jboss.resteasy.jose.i18n.Messages;
import org.jboss.resteasy.jose.jwe.Algorithm;
import org.jboss.resteasy.jose.jwe.EncryptionMethod;
import org.jboss.resteasy.jose.jwe.JWEHeader;

/**
 * RSA decrypter. This class
 * is thread-safe.
 * 

 * Supports the following JWE algorithms:
 * 
 * 

 * 
RSA1_5
 * 
RSA_OAEP
 * 
 * 

 * Supports the following encryption methods:
 * 
 * 

 * 
A128CBC_HS256
 * 
A256CBC_HS512
 * 
A128GCM
 * 
A256GCM
 * 
 *
 * @author David Ortiz
 * @author Vladimir Dzhuvinov
 * @version $version$ (2013-05-29)
 */
public class RSADecrypter {

    public static byte[] decrypt(final JWEHeader readOnlyJWEHeader,
            final String encodedHeader,
            final String encodedEncryptedKey,
            final String encodedIv,
            final String encodedCipherText,
            final String encodedAuthTag,
            final RSAPrivateKey privateKey) {

        // Validate required JWE parts
        if (encodedEncryptedKey == null) {

            throw new RuntimeException(Messages.MESSAGES.encryptedKeyMustNotBeNull());
        }

        if (encodedIv == null) {

            throw new RuntimeException(Messages.MESSAGES.initializationVectorMustNotBeNull());
        }

        if (encodedAuthTag == null) {

            throw new RuntimeException(Messages.MESSAGES.authenticationTagMustNotBeNull());
        }

        // Derive the content encryption key
        Algorithm alg = readOnlyJWEHeader.getAlgorithm();

        SecretKey cek = null;
        byte[] encryptedKey = Base64.getUrlDecoder().decode(encodedEncryptedKey);
        byte[] aad = encodedHeader.getBytes(StandardCharsets.UTF_8);
        byte[] iv = Base64.getUrlDecoder().decode(encodedIv);
        byte[] cipherText = Base64.getUrlDecoder().decode(encodedCipherText);
        byte[] authTag = Base64.getUrlDecoder().decode(encodedAuthTag);

        if (alg.equals(Algorithm.RSA1_5)) {

            int keyLength = readOnlyJWEHeader.getEncryptionMethod().getCekBitLength();

            SecretKey randomCEK = AES.generateKey(keyLength);

            try {
                cek = RSA1_5.decryptCEK(privateKey, encryptedKey, keyLength);

            } catch (Exception e) {

                // Protect against MMA attack by generating random CEK on failure,
                // see http://www.ietf.org/mail-archive/web/jose/current/msg01832.html
                cek = randomCEK;
            }

        } else if (alg.equals(Algorithm.RSA_OAEP)) {

            cek = RSA_OAEP.decryptCEK(privateKey, encryptedKey);

        } else {

            throw new RuntimeException(Messages.MESSAGES.unsupportedJWEalgorithm());
        }

        // Decrypt the cipher text according to the JWE enc
        EncryptionMethod enc = readOnlyJWEHeader.getEncryptionMethod();

        byte[] plainText;

        if (enc.equals(EncryptionMethod.A128CBC_HS256) || enc.equals(EncryptionMethod.A256CBC_HS512)) {

            plainText = AESCBC.decryptAuthenticated(cek, iv, cipherText, aad, authTag);

        } else if (enc.equals(EncryptionMethod.A128GCM) || enc.equals(EncryptionMethod.A256GCM)) {

            plainText = AESGCM.decrypt(cek, iv, cipherText, aad, authTag);

        } else {

            throw new RuntimeException(Messages.MESSAGES.unsupportedEncryptionMethod());
        }

        // Apply decompression if requested
        return DeflateHelper.applyDecompression(readOnlyJWEHeader.getCompressionAlgorithm(), plainText);
    }
}