本文整理汇总了Java中java.security.interfaces.ECPrivateKey类的典型用法代码示例。如果您正苦于以下问题:Java ECPrivateKey类的具体用法?Java ECPrivateKey怎么用?Java ECPrivateKey使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
ECPrivateKey类属于java.security.interfaces包,在下文中一共展示了ECPrivateKey类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: shouldSignAndVerifyWithECDSA384
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldSignAndVerifyWithECDSA384() throws Exception {
ECDSAAlgorithm algorithm384 = (ECDSAAlgorithm) Algorithm.ECDSA384((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC"));
String content384 = "eyJhbGciOiJFUzM4NCJ9.eyJpc3MiOiJhdXRoMCJ9";
for (int i = 0; i < 10; i++) {
byte[] signature = algorithm384.sign(content384.getBytes());
String signature384 = Base64.encodeBase64URLSafeString((signature));
String token = content384 + "." + signature384;
JWT jwt = JWT.require(algorithm384).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm384.verify(decoded, EncodeType.Base64);
}
}
示例2: shouldDecodeECDSA512DER
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldDecodeECDSA512DER() throws Exception {
ECDSAAlgorithm algorithm512 = (ECDSAAlgorithm) Algorithm.ECDSA512((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_512, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_512, "EC"));
//Without padding
byte[] derSignature = createDERSignature(66, false, false);
byte[] joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, false, false);
//With R padding
derSignature = createDERSignature(66, true, false);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, true, false);
//With S padding
derSignature = createDERSignature(66, false, true);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, false, true);
//With both paddings
derSignature = createDERSignature(66, true, true);
joseSignature = algorithm512.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 66, true, true);
}
示例3: getPrivateKey
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
/**
* Reads the private key from an encrypted PKCS#8 file and returns it as an ECPrivateKey instance.
*
* @param A PKCS#8 (.key) file containing the private key with value "s"
* @return The private key as an ECPrivateKey instance
*/
public static ECPrivateKey getPrivateKey(String keyFilePath) {
Path fileLocation = Paths.get(keyFilePath);
byte[] pkcs8ByteArray;
try {
pkcs8ByteArray = Files.readAllBytes(fileLocation);
// The DER encoded private key is password-based encrypted and provided in PKCS#8. So we need to decrypt it first
PBEKeySpec pbeKeySpec = new PBEKeySpec(GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString().toCharArray());
EncryptedPrivateKeyInfo encryptedPrivKeyInfo = new EncryptedPrivateKeyInfo(pkcs8ByteArray);
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(encryptedPrivKeyInfo.getAlgName());
Key secret = secretKeyFactory.generateSecret(pbeKeySpec);
PKCS8EncodedKeySpec pkcs8PrivKeySpec = encryptedPrivKeyInfo.getKeySpec(secret);
ECPrivateKey privateKey = (ECPrivateKey) KeyFactory.getInstance("EC").generatePrivate(pkcs8PrivKeySpec);
return privateKey;
} catch (IOException | InvalidKeySpecException | NoSuchAlgorithmException | InvalidKeyException e) {
getLogger().error(e.getClass().getSimpleName() + " occurred while trying to access private key at " +
"location '" + keyFilePath + "'");
return null;
}
}
示例4: encryptContractCertPrivateKey
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
/**
* Encrypts the private key of the contract certificate which is to be sent to the EVCC. First, the
* shared secret based on the ECDH parameters is calculated, then the symmetric session key with which
* the private key of the contract certificate is to be encrypted.
*
* @param certificateECPublicKey The public key of either the OEM provisioning certificate (in case of
* CertificateInstallation) or the to be updated contract certificate
* (in case of CertificateUpdate)
* @param ecKeyPair The EC keypair
* @param contractCertPrivateKey The private key of the contract certificate
* @return The encrypted private key of the to be installed contract certificate
*/
public static ContractSignatureEncryptedPrivateKeyType encryptContractCertPrivateKey(
ECPublicKey certificateECPublicKey,
KeyPair ecKeyPair,
ECPrivateKey contractCertPrivateKey) {
// Generate the shared secret by using the public key of either OEMProvCert or ContractCert
byte[] sharedSecret = generateSharedSecret((ECPrivateKey) ecKeyPair.getPrivate(), certificateECPublicKey);
if (sharedSecret == null) {
getLogger().error("Shared secret could not be generated");
return null;
}
// The session key is generated using the computed shared secret
SecretKey sessionKey = generateSessionKey(sharedSecret);
// Finally, the private key of the contract certificate is encrypted using the session key
ContractSignatureEncryptedPrivateKeyType encryptedContractCertPrivateKey =
getContractSignatureEncryptedPrivateKey(sessionKey, contractCertPrivateKey);
return encryptedContractCertPrivateKey;
}
示例5: shouldSignAndVerifyWithECDSA512
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldSignAndVerifyWithECDSA512() throws Exception {
ECDSAAlgorithm algorithm512 = (ECDSAAlgorithm) Algorithm.ECDSA512((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_512, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_512, "EC"));
String content512 = "eyJhbGciOiJFUzUxMiJ9.eyJpc3MiOiJhdXRoMCJ9";
for (int i = 0; i < 10; i++) {
byte[] signature = algorithm512.sign(content512.getBytes());
String signature512 = Base64.encodeBase64URLSafeString((signature));
String token = content512 + "." + signature512;
JWT jwt = JWT.require(algorithm512).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm512.verify(decoded, EncodeType.Base64);
}
}
示例6: getEccCurveNameFromSpec
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void getEccCurveNameFromSpec()
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
/* generate key pair */
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec genSpec = new ECGenParameterSpec("secp256r1");
kpg.initialize(genSpec);
KeyPair pair = kpg.genKeyPair();
ECPrivateKey priv = (ECPrivateKey)pair.getPrivate();
ECParameterSpec spec = priv.getParams();
String curveName = Ecc.getCurveName(spec);
assertEquals(curveName, "SECP256R1");
}
示例7: shouldNotOverwriteKeyIdIfAddedFromECDSAAlgorithms
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldNotOverwriteKeyIdIfAddedFromECDSAAlgorithms() throws Exception {
ECPrivateKey privateKey = (ECPrivateKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_256, "EC");
ECDSAKeyProvider provider = mock(ECDSAKeyProvider.class);
when(provider.getPrivateKeyId()).thenReturn("my-key-id");
when(provider.getPrivateKey()).thenReturn(privateKey);
String signed = JWTCreator.init()
.withKeyId("real-key-id")
.sign(Algorithm.ECDSA256(provider));
assertThat(signed, is(notNullValue()));
String[] parts = signed.split("\\.");
String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
assertThat(headerJson, JsonMatcher.hasEntry("kid", "my-key-id"));
}
示例8: shouldDecodeECDSA256JOSE
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldDecodeECDSA256JOSE() throws Exception {
ECDSAAlgorithm algorithm256 = (ECDSAAlgorithm) Algorithm.ECDSA256((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_256, "EC"));
//Without padding
byte[] joseSignature = createJOSESignature(32, false, false);
byte[] derSignature = algorithm256.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 32, false, false);
//With R padding
joseSignature = createJOSESignature(32, true, false);
derSignature = algorithm256.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 32, true, false);
//With S padding
joseSignature = createJOSESignature(32, false, true);
derSignature = algorithm256.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 32, false, true);
//With both paddings
joseSignature = createJOSESignature(32, true, true);
derSignature = algorithm256.JOSEToDER(joseSignature);
assertValidDERSignature(derSignature, 32, true, true);
}
示例9: shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withECDSA");
exception.expectCause(isA(SignatureException.class));
exception.expectCause(hasMessage(is("Invalid JOSE signature format.")));
byte[] bytes = new byte[256];
new SecureRandom().nextBytes(bytes);
String signature = Base64.encodeBase64URLSafeString(bytes);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9." + signature;
ECPublicKey publicKey = (ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm("ES256", "SHA256withECDSA", 128, provider);
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
示例10: shouldDecodeECDSA384DER
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldDecodeECDSA384DER() throws Exception {
ECDSAAlgorithm algorithm384 = (ECDSAAlgorithm) Algorithm.ECDSA384((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC"));
//Without padding
byte[] derSignature = createDERSignature(48, false, false);
byte[] joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, false, false);
//With R padding
derSignature = createDERSignature(48, true, false);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, true, false);
//With S padding
derSignature = createDERSignature(48, false, true);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, false, true);
//With both paddings
derSignature = createDERSignature(48, true, true);
joseSignature = algorithm384.DERToJOSE(derSignature);
assertValidJOSESignature(joseSignature, 48, true, true);
}
示例11: shouldThrowOnVerifyWhenThePublicKeyIsInvalid
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldThrowOnVerifyWhenThePublicKeyIsInvalid() throws Exception {
exception.expect(AlgorithmMismatchException.class);
exception.expectMessage("The provided Algorithm doesn't match the one defined in the JWT's Header.");
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(InvalidKeyException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9.4iVk3-Y0v4RT4_9IaQlp-8dZ_4fsTzIylgrPTDLrEvTHBTyVS3tgPbr2_IZfLETtiKRqCg0aQ5sh9eIsTTwB1g";
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
示例12: shouldThrowOnVerifyWhenTheSignatureIsNotPrepared
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldThrowOnVerifyWhenTheSignatureIsNotPrepared() throws Exception {
exception.expect(AlgorithmMismatchException.class);
exception.expectMessage("The provided Algorithm doesn't match the one defined in the JWT's Header.");
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(SignatureException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9.4iVk3-Y0v4RT4_9IaQlp-8dZ_4fsTzIylgrPTDLrEvTHBTyVS3tgPbr2_IZfLETtiKRqCg0aQ5sh9eIsTTwB1g";
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
示例13: shouldDoECDSA256SigningWithProvidedPrivateKey
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldDoECDSA256SigningWithProvidedPrivateKey() throws Exception {
ECDSAKeyProvider provider = mock(ECDSAKeyProvider.class);
PrivateKey privateKey = readPrivateKeyFromFile(PRIVATE_KEY_FILE_256, "EC");
PublicKey publicKey = readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
when(provider.getPrivateKey()).thenReturn((ECPrivateKey) privateKey);
when(provider.getPublicKeyById(null)).thenReturn((ECPublicKey) publicKey);
Algorithm algorithm = Algorithm.ECDSA256(provider);
String jwtContent = String.format("%s.%s", ES256Header, auth0IssPayload);
byte[] contentBytes = jwtContent.getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = algorithm.sign(contentBytes);
String jwtSignature = Base64.encodeBase64URLSafeString(signatureBytes);
String token = String.format("%s.%s", jwtContent, jwtSignature);
assertThat(signatureBytes, is(notNullValue()));
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
示例14: shouldDoECDSA384SigningWithProvidedPrivateKey
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldDoECDSA384SigningWithProvidedPrivateKey() throws Exception {
ECDSAKeyProvider provider = mock(ECDSAKeyProvider.class);
PrivateKey privateKey = readPrivateKeyFromFile(PRIVATE_KEY_FILE_384, "EC");
PublicKey publicKey = readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC");
when(provider.getPrivateKey()).thenReturn((ECPrivateKey) privateKey);
when(provider.getPublicKeyById(null)).thenReturn((ECPublicKey) publicKey);
Algorithm algorithm = Algorithm.ECDSA384(provider);
String jwtContent = String.format("%s.%s", ES384Header, auth0IssPayload);
byte[] contentBytes = jwtContent.getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = algorithm.sign(contentBytes);
String jwtSignature = Base64.encodeBase64URLSafeString(signatureBytes);
String token = String.format("%s.%s", jwtContent, jwtSignature);
assertThat(signatureBytes, is(notNullValue()));
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
示例15: shouldDoECDSA512SigningWithBothKeys
import java.security.interfaces.ECPrivateKey; //导入依赖的package包/类
@Test
public void shouldDoECDSA512SigningWithBothKeys() throws Exception {
Algorithm algorithm = Algorithm.ECDSA512((ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_512, "EC"), (ECPrivateKey) readPrivateKeyFromFile(PRIVATE_KEY_FILE_512, "EC"));
String jwtContent = String.format("%s.%s", ES512Header, auth0IssPayload);
byte[] contentBytes = jwtContent.getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = algorithm.sign(contentBytes);
String jwtSignature = Base64.encodeBase64URLSafeString(signatureBytes);
String token = String.format("%s.%s", jwtContent, jwtSignature);
assertThat(signatureBytes, is(notNullValue()));
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}