org.xdi.oxauth.model.jws.RSASigner クラス

org.xdi.oxauth.model.jws.RSASigner の継承関係図

org.xdi.oxauth.model.jws.RSASigner 連携図

公開メンバ関数
	RSASigner (SignatureAlgorithm signatureAlgorithm, RSAPrivateKey rsaPrivateKey)
	RSASigner (SignatureAlgorithm signatureAlgorithm, RSAPublicKey rsaPublicKey)
	RSASigner (SignatureAlgorithm signatureAlgorithm, Certificate certificate)
String	generateSignature (String signingInput) throws SignatureException
boolean	validateSignature (String signingInput, String signature) throws SignatureException
SignatureAlgorithm	getSignatureAlgorithm ()
Jwt	sign (Jwt jwt) throws InvalidJwtException, SignatureException
boolean	validate (Jwt jwt)
boolean	validateAuthorizationCode (String authorizationCode, Jwt idToken)
boolean	validateAccessToken (String accessToken, Jwt idToken)

非公開変数類
RSAPrivateKey	rsaPrivateKey
RSAPublicKey	rsaPublicKey

詳解

著者

Javier Rojas Blum

バージョン

July 31, 2016

構築子と解体子

RSASigner() [1/3]

org.xdi.oxauth.model.jws.RSASigner.RSASigner ( SignatureAlgorithm  signatureAlgorithm, RSAPrivateKey  rsaPrivateKey  )

inline

                                                                                         {
        super(signatureAlgorithm);
        this.rsaPrivateKey = rsaPrivateKey;
    }

RSASigner() [2/3]

org.xdi.oxauth.model.jws.RSASigner.RSASigner ( SignatureAlgorithm  signatureAlgorithm, RSAPublicKey  rsaPublicKey  )

inline

                                                                                       {
        super(signatureAlgorithm);
        this.rsaPublicKey = rsaPublicKey;
    }

RSASigner() [3/3]

org.xdi.oxauth.model.jws.RSASigner.RSASigner ( SignatureAlgorithm  signatureAlgorithm, Certificate  certificate  )

inline

                                                                                     {
        super(signatureAlgorithm);
        this.rsaPublicKey = certificate.getRsaPublicKey();
    }

関数詳解

generateSignature()

String org.xdi.oxauth.model.jws.RSASigner.generateSignature ( String  signingInput ) throws SignatureException

inline

                                                                                   {
        if (getSignatureAlgorithm() == null) {
            throw new SignatureException("The signature algorithm is null");
        }
        if (rsaPrivateKey == null) {
            throw new SignatureException("The RSA private key is null");
        }
        if (signingInput == null) {
            throw new SignatureException("The signing input is null");
        }

        try {
            RSAPrivateKeySpec rsaPrivateKeySpec = new RSAPrivateKeySpec(
                    rsaPrivateKey.getModulus(),
                    rsaPrivateKey.getPrivateExponent());

            KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC");
            PrivateKey privateKey = keyFactory.generatePrivate(rsaPrivateKeySpec);

            Signature signature = Signature.getInstance(getSignatureAlgorithm().getAlgorithm(), "BC");
            signature.initSign(privateKey);
            signature.update(signingInput.getBytes(Util.UTF8_STRING_ENCODING));

            return Base64Util.base64urlencode(signature.sign());
        } catch (InvalidKeySpecException e) {
            throw new SignatureException(e);
        } catch (InvalidKeyException e) {
            throw new SignatureException(e);
        } catch (NoSuchAlgorithmException e) {
            throw new SignatureException(e);
        } catch (NoSuchProviderException e) {
            throw new SignatureException(e);
        } catch (SignatureException e) {
            throw new SignatureException(e);
        } catch (UnsupportedEncodingException e) {
            throw new SignatureException(e);
        } catch (Exception e) {
            throw new SignatureException(e);
        }
    }

getSignatureAlgorithm()

SignatureAlgorithm org.xdi.oxauth.model.jws.AbstractJwsSigner.getSignatureAlgorithm ( )

inlineinherited

org.xdi.oxauth.model.jws.JwsSignerを実装しています。

                                                      {
        return signatureAlgorithm;
    }

sign()

Jwt org.xdi.oxauth.model.jws.AbstractJwsSigner.sign ( Jwt  jwt ) throws InvalidJwtException, SignatureException

inlineinherited

org.xdi.oxauth.model.jws.JwsSignerを実装しています。

                                                                            {
        String signature = generateSignature(jwt.getSigningInput());
        jwt.setEncodedSignature(signature);
        return jwt;
    }

validate()

boolean org.xdi.oxauth.model.jws.AbstractJwsSigner.validate ( Jwt  jwt )

inlineinherited

org.xdi.oxauth.model.jws.JwsSignerを実装しています。

                                     {
        try {
            String signingInput = jwt.getSigningInput();
            String signature = jwt.getEncodedSignature();

            return validateSignature(signingInput, signature);
        } catch (InvalidJwtException e) {
            LOG.error(e.getMessage(), e);
            return false;
        } catch (SignatureException e) {
            LOG.error(e.getMessage(), e);
            return false;
        } catch (Exception e) {
            LOG.error(e.getMessage(), e);
            return false;
        }
    }

validateAccessToken()

boolean org.xdi.oxauth.model.jws.AbstractJwsSigner.validateAccessToken ( String  accessToken, Jwt  idToken  )

inlineinherited

                                                                        {
        return validateHash(accessToken, idToken.getClaims().getClaimAsString(JwtClaimName.ACCESS_TOKEN_HASH));
    }

validateAuthorizationCode()

boolean org.xdi.oxauth.model.jws.AbstractJwsSigner.validateAuthorizationCode ( String  authorizationCode, Jwt  idToken  )

inlineinherited

                                                                                    {
        return validateHash(authorizationCode, idToken.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
    }

validateSignature()

boolean org.xdi.oxauth.model.jws.RSASigner.validateSignature ( String  signingInput, String  signature  ) throws SignatureException

inline

                                                                                                      {
        if (getSignatureAlgorithm() == null) {
            throw new SignatureException("The signature algorithm is null");
        }
        if (rsaPublicKey == null) {
            throw new SignatureException("The RSA public key is null");
        }
        if (signingInput == null) {
            throw new SignatureException("The signing input is null");
        }

        String algorithm = null;
        switch (getSignatureAlgorithm()) {
            case RS256:
                algorithm = "SHA-256";
                break;
            case RS384:
                algorithm = "SHA-384";
                break;
            case RS512:
                algorithm = "SHA-512";
                break;
            default:
                throw new SignatureException("Unsupported signature algorithm");
        }

        ASN1InputStream aIn = null;
        try {
            byte[] sigBytes = Base64Util.base64urldecode(signature);
            byte[] sigInBytes = signingInput.getBytes(Util.UTF8_STRING_ENCODING);

            RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(
                    rsaPublicKey.getModulus(),
                    rsaPublicKey.getPublicExponent());

            KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC");
            PublicKey publicKey = keyFactory.generatePublic(rsaPublicKeySpec);

            Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
            cipher.init(Cipher.DECRYPT_MODE, publicKey);

            byte[] decSig = cipher.doFinal(sigBytes);
            aIn = new ASN1InputStream(decSig);

            ASN1Sequence seq = (ASN1Sequence) aIn.readObject();

            MessageDigest hash = MessageDigest.getInstance(algorithm, "BC");
            hash.update(sigInBytes);

            ASN1OctetString sigHash = (ASN1OctetString) seq.getObjectAt(1);
            return MessageDigest.isEqual(hash.digest(), sigHash.getOctets());
        } catch (IOException e) {
            throw new SignatureException(e);
        } catch (NoSuchAlgorithmException e) {
            throw new SignatureException(e);
        } catch (InvalidKeyException e) {
            throw new SignatureException(e);
        } catch (InvalidKeySpecException e) {
            throw new SignatureException(e);
        } catch (NoSuchPaddingException e) {
            throw new SignatureException(e);
        } catch (BadPaddingException e) {
            throw new SignatureException(e);
        } catch (NoSuchProviderException e) {
            throw new SignatureException(e);
        } catch (IllegalBlockSizeException e) {
            throw new SignatureException(e);
        } catch (Exception e) {
            throw new SignatureException(e);
        } finally {
            IOUtils.closeQuietly(aIn);
        }
    }

メンバ詳解

rsaPrivateKey

RSAPrivateKey org.xdi.oxauth.model.jws.RSASigner.rsaPrivateKey

private

rsaPublicKey

RSAPublicKey org.xdi.oxauth.model.jws.RSASigner.rsaPublicKey

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Model/src/main/java/org/xdi/oxauth/model/jws/RSASigner.java