Subclass representing an RSA signing algorithm. This class is thread-safe.
| 18 | * This class is thread-safe. |
| 19 | */ |
| 20 | class RSAAlgorithm extends Algorithm { |
| 21 | |
// Performs the signature operations used by sign and verify; passed in through the
// package-private constructor so tests can substitute their own helper.
private final CryptoHelper crypto;
// Supplies the RSA keys: the private key for signing and, for verification, the public key
// looked up by the token's key id.
private final RSAKeyProvider keyProvider;
| 24 | |
| 25 | //Visible for testing |
/**
 * Creates an RSA algorithm backed by an explicit {@link CryptoHelper}.
 *
 * <p>Package-private so that tests can supply their own helper. Only {@code keyProvider} is
 * null-checked here; {@code crypto} is stored exactly as given.
 *
 * @param crypto helper that performs the signature operations
 * @param id identifier handed to the superclass constructor
 * @param algorithm algorithm description handed to the superclass constructor
 * @param keyProvider source of the RSA keys; must not be null
 * @throws IllegalArgumentException if {@code keyProvider} is null
 */
RSAAlgorithm(
        CryptoHelper crypto, String id, String algorithm, RSAKeyProvider keyProvider)
        throws IllegalArgumentException {
    super(id, algorithm);
    // Fail at construction time rather than on the first sign/verify call.
    if (null == keyProvider) {
        throw new IllegalArgumentException("The Key Provider cannot be null.");
    }
    this.crypto = crypto;
    this.keyProvider = keyProvider;
}
| 35 | |
/**
 * Creates an RSA algorithm that uses a newly constructed {@link CryptoHelper}.
 *
 * <p>Delegates to the four-argument constructor, which rejects a null key provider.
 *
 * @param id identifier handed to the superclass constructor
 * @param algorithm algorithm description handed to the superclass constructor
 * @param keyProvider source of the RSA keys; must not be null
 * @throws IllegalArgumentException if {@code keyProvider} is null
 */
RSAAlgorithm(String id, String algorithm, RSAKeyProvider keyProvider)
        throws IllegalArgumentException {
    this(new CryptoHelper(), id, algorithm, keyProvider);
}
| 39 | |
/**
 * Checks the token's signature against the RSA public key selected by the token's key id.
 *
 * <p>The signature, header, payload and key id are all read from the token under
 * verification, so they are untrusted until this method returns normally. The key id is
 * passed to the key provider unchanged; the provider is therefore the component that decides
 * which key ids resolve to a trusted key.
 *
 * @param jwt decoded token whose signature is checked
 * @throws SignatureVerificationException if the signature does not match, if the key provider
 *     returns no public key, or if decoding or the cryptographic check fails with one of the
 *     exception types caught below
 */
@Override
public void verify(DecodedJWT jwt) throws SignatureVerificationException {
    try {
        // Decode before the key lookup: a signature that is not valid Base64URL is rejected
        // without the key provider being consulted.
        final byte[] decodedSignature = Base64.getUrlDecoder().decode(jwt.getSignature());
        final RSAPublicKey verificationKey = keyProvider.getPublicKeyById(jwt.getKeyId());
        if (verificationKey == null) {
            // Caught below and reported as a verification failure.
            throw new IllegalStateException("The given Public Key is null.");
        }
        if (!crypto.verifySignatureFor(
                getDescription(),
                verificationKey,
                jwt.getHeader(),
                jwt.getPayload(),
                decodedSignature)) {
            throw new SignatureVerificationException(this);
        }
    } catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException
            | IllegalArgumentException | IllegalStateException cause) {
        // Only these types are wrapped; any other exception type is not caught here.
        throw new SignatureVerificationException(this, cause);
    }
}
| 58 | |
/**
 * Signs the given header and payload bytes with the private key from the key provider.
 *
 * @param headerBytes header bytes passed to the crypto helper
 * @param payloadBytes payload bytes passed to the crypto helper
 * @return the signature bytes produced by the crypto helper
 * @throws SignatureGenerationException if the key provider returns no private key, or if
 *     signing fails with one of the exception types caught below
 */
@Override
public byte[] sign(byte[] headerBytes, byte[] payloadBytes) throws SignatureGenerationException {
    try {
        final RSAPrivateKey signingKey = keyProvider.getPrivateKey();
        if (signingKey != null) {
            return crypto.createSignatureFor(
                    getDescription(), signingKey, headerBytes, payloadBytes);
        }
        // A provider without a private key cannot sign; caught below and wrapped.
        throw new IllegalStateException("The given Private Key is null.");
    } catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException
            | IllegalStateException cause) {
        throw new SignatureGenerationException(this, cause);
    }
}
| 71 | |
| 72 | @Override |
| 73 | public byte[] sign(byte[] contentBytes) throws SignatureGenerationException { |
| 74 | try { |
| 75 | RSAPrivateKey privateKey = keyProvider.getPrivateKey(); |
| 76 | if (privateKey == null) { |
| 77 | throw new IllegalStateException("The given Private Key is null."); |