rsa signer unit test working

server/src/main/java/org/mitre/jwt/signer/impl/RsaSigner.java

@@ -1,6 +1,7 @@
 package org.mitre.jwt.signer.impl;
 
 import java.io.UnsupportedEncodingException;
+import java.security.GeneralSecurityException;
 import java.security.InvalidKeyException;
 import java.security.KeyPair;
 import java.security.NoSuchAlgorithmException;
@@ -129,48 +130,42 @@ public class RsaSigner extends AbstractJwtSigner implements InitializingBean {
 		setKeystore(keystore);
 		setAlias(alias);
 		setPassword(password);
-
+		
 		try {
 			signer = Signature.getInstance(Algorithm.getByName(algorithmName).getStandardName(), "BC");
-		} catch (NoSuchAlgorithmException e) {
+		} catch (GeneralSecurityException e) {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
-		} catch (NoSuchProviderException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		}
+		} 
 	}
 
 	@Override
 	public void afterPropertiesSet() throws Exception {
 		KeyPair keyPair = keystore.getKeyPairForAlias(alias, password);
 
-		publicKey = (RSAPublicKey) keyPair.getPublic();
+		publicKey = ((RSAPublicKey) keyPair.getPublic());
 		privateKey = (RSAPrivateKey) keyPair.getPrivate();
-
+		
 		logger.debug("RSA Signer ready for business");
 
 	}
 
+	/* (non-Javadoc)
+	 * @see org.mitre.jwt.signer.AbstractJwtSigner#generateSignature(java.lang.String)
+	 */
 	@Override
 	protected String generateSignature(String signatureBase) {
-
-		try {
+		
+		try {			
 			signer.initSign(privateKey);
-		} catch (InvalidKeyException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		}
-
-		try {
 			signer.update(signatureBase.getBytes("UTF-8"));
-		} catch (SignatureException e) {
+		} catch (GeneralSecurityException e) {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
 		} catch (UnsupportedEncodingException e) {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
-		}
+		} 
 
 		byte[] sigBytes;
 		String sig = "";
@@ -247,34 +242,24 @@ public class RsaSigner extends AbstractJwtSigner implements InitializingBean {
 
 		try {
 			signer.initVerify(publicKey);
-		} catch (InvalidKeyException e1) {
-			// TODO Auto-generated catch block
-			e1.printStackTrace();
-			return false;
-		}
-
-		try {
 			signer.update(signingInput.getBytes("UTF-8"));
-		} catch (SignatureException e1) {
-			// TODO Auto-generated catch block
-			e1.printStackTrace();
-		} catch (UnsupportedEncodingException e1) {
-			// TODO Auto-generated catch block
-			e1.printStackTrace();
-		}
-
-		try {
 			signer.verify(s64.getBytes("UTF-8"));
-		} catch (SignatureException e) {
+		} catch (GeneralSecurityException e) {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
-			return false;
 		} catch (UnsupportedEncodingException e) {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
-			return false;
 		}
 
 		return true;
 	}
+
+	public RSAPrivateKey getPrivateKey() {
+		return privateKey;
+	}
+
+	public void setPrivateKey(RSAPrivateKey privateKey) {
+		this.privateKey = privateKey;
+	}
 }

server/src/main/java/org/mitre/jwt/signer/service/impl/KeyStore.java

@@ -19,6 +19,8 @@ import java.security.PublicKey;
 import java.security.Security;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
 import java.util.Date;
 
 import org.apache.commons.logging.Log;
@@ -76,7 +78,7 @@ public class KeyStore implements InitializingBean {
 	 * Create an RSA KeyPair and insert into specified KeyStore
 	 * 
 	 * @param location
-	 * @param commonName
+	 * @param domainName
 	 * @param alias
 	 * @param keystorePassword
 	 * @param aliasPassword
@@ -87,7 +89,7 @@ public class KeyStore implements InitializingBean {
 	 * @throws IOException
 	 */
 	public static java.security.KeyStore generateRsaKeyPair(String location,
-			String commonName, String alias, String keystorePassword,
+			String domainName, String alias, String keystorePassword,
 			String aliasPassword, int daysNotValidBefore, int daysNotValidAfter)
 			throws GeneralSecurityException, IOException {
 
@@ -98,18 +100,20 @@ public class KeyStore implements InitializingBean {
 		rsaKeyPairGenerator.initialize(2048);
 		KeyPair rsaKeyPair = rsaKeyPairGenerator.generateKeyPair();
 
-		X509V3CertificateGenerator v3CertGen = createCertificate(commonName,
+		X509V3CertificateGenerator v3CertGen = createCertificate(domainName,
 				daysNotValidBefore, daysNotValidAfter);
 
+		RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) rsaKeyPair.getPrivate();
+
 		v3CertGen.setPublicKey(rsaKeyPair.getPublic());
-		v3CertGen.setSignatureAlgorithm("SHA1withRSA"); // "MD5WithRSAEncryption");
+		v3CertGen.setSignatureAlgorithm("SHA256WithRSAEncryption"); // "MD5WithRSAEncryption");
 
 		// BC docs say to use another, but it seemingly isn't included...		
 		X509Certificate certificate = v3CertGen
-				.generateX509Certificate(rsaKeyPair.getPrivate());
+				.generateX509Certificate(rsaPrivateKey);
 
 		// if exist, overwrite
-		ks.setKeyEntry(alias, rsaKeyPair.getPrivate(), aliasPassword.toCharArray(),
+		ks.setKeyEntry(alias, rsaPrivateKey, aliasPassword.toCharArray(),
 				new java.security.cert.Certificate[] { certificate });
 
 		storeJceKeyStore(location, keystorePassword, ks);
@@ -267,7 +271,7 @@ public class KeyStore implements InitializingBean {
 			// Get public key
 			PublicKey publicKey = cert.getPublicKey();
 
-			return new KeyPair(publicKey, (PrivateKey) key);
+			return new KeyPair(publicKey, (RSAPrivateKey) key);
 		}
 
 		return null;

server/src/test/java/org/mitre/jwt/JwtTest.java

@@ -1,12 +1,9 @@
 package org.mitre.jwt;
 
 import static org.hamcrest.CoreMatchers.equalTo;
-import static org.hamcrest.CoreMatchers.not;
-import static org.hamcrest.CoreMatchers.nullValue;
 import static org.junit.Assert.assertThat;
 
 import java.io.UnsupportedEncodingException;
-import java.security.Security;
 import java.util.Date;
 
 import org.junit.Test;
@@ -16,7 +13,6 @@ import org.mitre.jwt.signer.JwtSigner;
 import org.mitre.jwt.signer.impl.HmacSigner;
 import org.mitre.jwt.signer.impl.PlaintextSigner;
 import org.mitre.jwt.signer.impl.RsaSigner;
-import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
 import org.mitre.jwt.signer.service.impl.KeyStore;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -82,7 +78,7 @@ public class JwtTest {
 		signer.sign(jwt);
 
 		/*
-		 * Expected string based on the following strucutres, serialized exactly as follows and base64 encoded:
+		 * Expected string based on the following structures, serialized exactly as follows and base64 encoded:
 		 * 
 		 * header: {"typ":"JWT","alg":"HS256"}
 		 * claims: {"exp":1300819380,"iss":"joe","http://example.com/is_root":true}
@@ -100,8 +96,18 @@ public class JwtTest {
 		
 	}
 	
+	/**
+	 * @throws Exception
+	 */
 	@Test
-	public void testGenerateRsaSignature() {
+	public void testGenerateRsaSignature() throws Exception {
+		
+//		java.security.KeyStore ks = KeyStore.generateRsaKeyPair(keystore
+//				.getLocation().getFile().getPath(), "OpenID Connect Server",
+//				"twentyYears", KeyStore.PASSWORD, KeyStore.PASSWORD, 30, 365*20);
+//
+//		keystore.setKeystore(ks);
+		
 		Jwt jwt = new Jwt();
 		jwt.getHeader().setType("JWT");
 		jwt.getHeader().setAlgorithm("RS256");
@@ -109,27 +115,18 @@ public class JwtTest {
 		jwt.getClaims().setIssuer("joe");
 		jwt.getClaims().setClaim("http://example.com/is_root", Boolean.TRUE);
 
-        JwtSigner signer = new RsaSigner(RsaSigner.Algorithm.DEFAULT, keystore, "test");
+        JwtSigner signer = new RsaSigner(RsaSigner.Algorithm.DEFAULT, keystore, "twentyYears");
+        ((RsaSigner) signer).afterPropertiesSet();
 
 		signer.sign(jwt);
-
-		System.out.println("vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv");
-		System.out.println("vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv");
-		System.out.println("vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv");
-		System.out.println(jwt.getSignature());
-		System.out.println("^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^");
-		System.out.println("^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^");
-		System.out.println("^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^");		
-
-//		String signature = "p-63Jzz7mgi3H4hvW6MFB7lmPRZjhsL666MYkmpX33Y";
-//		String expected = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjEzMDA4MTkzODAsImlzcyI6ImpvZSIsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ." + signature;
-//		
-//		String actual = jwt.toString();
-//
-//		assertThat(actual, equalTo(expected));
-//		assertThat(jwt.getSignature(), equalTo(signature));
 		
-		assertThat(signer, not(nullValue()));
+		String signature = "TW0nOd_vr1rnV7yIS-lIV2-00V_zJMWxzOc3Z7k3gvMO2aIjIGjZ9nByZMI0iL5komMxYXPl_RCkbd9OKiPkk4iK5CDj7Mawbzu95LgEOOqdXO1f7-IqX9dIvJhVXXInLD3RsGvavyheIqNeFEVidLrJo30tBchB_niljEW7VeX8nSZfiCOdbOTW3hu0ycnon7wFpejb-cRP_S0iqGxCgbYXJzqPT192EHmRy_wmFxxIy9Lc84uqNkAZSIn1jVIeAemm22RoWbq0xLVLTRyiZoxJTUzac_VteiSPRNFlUQuOdxqNf0Hxqh_wVfX1mfXUzv0D8vHJVy6aIqTISmn-qg";
+		String expected = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJleHAiOjEzMDA4MTkzODAsImlzcyI6ImpvZSIsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.TW0nOd_vr1rnV7yIS-lIV2-00V_zJMWxzOc3Z7k3gvMO2aIjIGjZ9nByZMI0iL5komMxYXPl_RCkbd9OKiPkk4iK5CDj7Mawbzu95LgEOOqdXO1f7-IqX9dIvJhVXXInLD3RsGvavyheIqNeFEVidLrJo30tBchB_niljEW7VeX8nSZfiCOdbOTW3hu0ycnon7wFpejb-cRP_S0iqGxCgbYXJzqPT192EHmRy_wmFxxIy9Lc84uqNkAZSIn1jVIeAemm22RoWbq0xLVLTRyiZoxJTUzac_VteiSPRNFlUQuOdxqNf0Hxqh_wVfX1mfXUzv0D8vHJVy6aIqTISmn-qg";
+		
+		String actual = jwt.toString();
+
+		assertThat(actual, equalTo(expected));
+		assertThat(jwt.getSignature(), equalTo(signature));
 		
 	}