|
|
@ -4,14 +4,10 @@ import com.nimbusds.jose.JWSAlgorithm;
|
|
|
|
import com.nimbusds.jose.jwk.Curve;
|
|
|
|
import com.nimbusds.jose.jwk.Curve;
|
|
|
|
import com.nimbusds.jose.jwk.ECKey;
|
|
|
|
import com.nimbusds.jose.jwk.ECKey;
|
|
|
|
import com.nimbusds.jose.jwk.RSAKey;
|
|
|
|
import com.nimbusds.jose.jwk.RSAKey;
|
|
|
|
|
|
|
|
import com.nimbusds.jose.jwk.gen.ECKeyGenerator;
|
|
|
|
|
|
|
|
import com.nimbusds.jose.jwk.gen.RSAKeyGenerator;
|
|
|
|
import org.junit.jupiter.api.Test;
|
|
|
|
import org.junit.jupiter.api.Test;
|
|
|
|
|
|
|
|
|
|
|
|
import java.security.KeyPair;
|
|
|
|
|
|
|
|
import java.security.KeyPairGenerator;
|
|
|
|
|
|
|
|
import java.security.PrivateKey;
|
|
|
|
|
|
|
|
import java.security.PublicKey;
|
|
|
|
|
|
|
|
import java.security.interfaces.ECPublicKey;
|
|
|
|
|
|
|
|
import java.security.interfaces.RSAPublicKey;
|
|
|
|
|
|
|
|
import java.util.Set;
|
|
|
|
import java.util.Set;
|
|
|
|
|
|
|
|
|
|
|
|
import static com.nimbusds.jose.jwk.KeyOperation.*;
|
|
|
|
import static com.nimbusds.jose.jwk.KeyOperation.*;
|
|
|
@ -41,18 +37,8 @@ public class JwksTest {
|
|
|
|
// Curve point = Curve.P_384;
|
|
|
|
// Curve point = Curve.P_384;
|
|
|
|
// Curve point = Curve.P_521;
|
|
|
|
// Curve point = Curve.P_521;
|
|
|
|
|
|
|
|
|
|
|
|
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
|
|
|
|
ECKeyGenerator ecKeyGenerator = new ECKeyGenerator(point);
|
|
|
|
keyPairGenerator.initialize(point.toECParameterSpec());
|
|
|
|
ecKeyGenerator.keyOperations(Set.of(
|
|
|
|
|
|
|
|
|
|
|
|
KeyPair keyPair = keyPairGenerator.generateKeyPair();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
PublicKey aPublic = keyPair.getPublic();
|
|
|
|
|
|
|
|
PrivateKey aPrivate = keyPair.getPrivate();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ECKey key = new ECKey.Builder(point, (ECPublicKey) aPublic)
|
|
|
|
|
|
|
|
.privateKey(aPrivate)
|
|
|
|
|
|
|
|
.keyOperations(Set.of(
|
|
|
|
|
|
|
|
SIGN,
|
|
|
|
SIGN,
|
|
|
|
VERIFY,
|
|
|
|
VERIFY,
|
|
|
|
ENCRYPT,
|
|
|
|
ENCRYPT,
|
|
|
@ -60,8 +46,8 @@ public class JwksTest {
|
|
|
|
DERIVE_KEY))
|
|
|
|
DERIVE_KEY))
|
|
|
|
// keyId 必须唯一
|
|
|
|
// keyId 必须唯一
|
|
|
|
.keyID("sos-ecc-kid1")
|
|
|
|
.keyID("sos-ecc-kid1")
|
|
|
|
.algorithm(JWSAlgorithm.ES256)
|
|
|
|
.algorithm(JWSAlgorithm.ES256);
|
|
|
|
.build();
|
|
|
|
ECKey key = ecKeyGenerator.generate();
|
|
|
|
assertNotNull(key);
|
|
|
|
assertNotNull(key);
|
|
|
|
|
|
|
|
|
|
|
|
String json = key.toJSONString();
|
|
|
|
String json = key.toJSONString();
|
|
|
@ -79,27 +65,17 @@ public class JwksTest {
|
|
|
|
@Test
|
|
|
|
@Test
|
|
|
|
void jwkRS() throws Exception {
|
|
|
|
void jwkRS() throws Exception {
|
|
|
|
|
|
|
|
|
|
|
|
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
|
|
|
|
RSAKeyGenerator rsaKeyGenerator = new RSAKeyGenerator(2048);
|
|
|
|
keyPairGenerator.initialize(2048);
|
|
|
|
rsaKeyGenerator.keyID("sos-rsa-kid2")
|
|
|
|
KeyPair keyPair = keyPairGenerator.generateKeyPair();
|
|
|
|
.algorithm(JWSAlgorithm.RS256)
|
|
|
|
|
|
|
|
|
|
|
|
PrivateKey aPrivate = keyPair.getPrivate();
|
|
|
|
|
|
|
|
PublicKey aPublic = keyPair.getPublic();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
RSAKey key = new RSAKey.Builder((RSAPublicKey) aPublic)
|
|
|
|
|
|
|
|
.privateKey(aPrivate)
|
|
|
|
|
|
|
|
// .keyUse(KeyUse.SIGNATURE)
|
|
|
|
|
|
|
|
.keyOperations(Set.of(
|
|
|
|
.keyOperations(Set.of(
|
|
|
|
SIGN,
|
|
|
|
SIGN,
|
|
|
|
VERIFY,
|
|
|
|
VERIFY,
|
|
|
|
ENCRYPT,
|
|
|
|
ENCRYPT,
|
|
|
|
DECRYPT,
|
|
|
|
DECRYPT,
|
|
|
|
DERIVE_KEY))
|
|
|
|
DERIVE_KEY));
|
|
|
|
.algorithm(JWSAlgorithm.RS256)
|
|
|
|
|
|
|
|
.keyID("sos-rsa-kid2")
|
|
|
|
|
|
|
|
.build();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
RSAKey key = rsaKeyGenerator.generate();
|
|
|
|
assertNotNull(key);
|
|
|
|
assertNotNull(key);
|
|
|
|
String json = key.toJSONString();
|
|
|
|
String json = key.toJSONString();
|
|
|
|
assertNotNull(json);
|
|
|
|
assertNotNull(json);
|
|
|
|