Java Code Examples for io.jsonwebtoken.SignatureAlgorithm#name()

The following examples show how to use io.jsonwebtoken.SignatureAlgorithm#name() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DefaultSignatureValidatorFactory.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
@Override
public SignatureValidator createSignatureValidator(SignatureAlgorithm alg, Key key) {
    Assert.notNull(alg, "SignatureAlgorithm cannot be null.");
    Assert.notNull(key, "Signing Key cannot be null.");

    switch (alg) {
        case HS256:
        case HS384:
        case HS512:
            return new MacValidator(alg, key);
        case RS256:
        case RS384:
        case RS512:
        case PS256:
        case PS384:
        case PS512:
            return new RsaSignatureValidator(alg, key);
        case ES256:
        case ES384:
        case ES512:
            return new EllipticCurveSignatureValidator(alg, key);
        default:
            throw new IllegalArgumentException("The '" + alg.name() + "' algorithm cannot be used for signing.");
    }
}
 
Example 2
Source File: DefaultSignerFactory.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
@Override
public Signer createSigner(SignatureAlgorithm alg, Key key) {
    Assert.notNull(alg, "SignatureAlgorithm cannot be null.");
    Assert.notNull(key, "Signing Key cannot be null.");

    switch (alg) {
        case HS256:
        case HS384:
        case HS512:
            return new MacSigner(alg, key);
        case RS256:
        case RS384:
        case RS512:
        case PS256:
        case PS384:
        case PS512:
            return new RsaSigner(alg, key);
        case ES256:
        case ES384:
        case ES512:
            return new EllipticCurveSigner(alg, key);
        default:
            throw new IllegalArgumentException("The '" + alg.name() + "' algorithm cannot be used for signing.");
    }
}
 
Example 3
Source File: DefaultSignatureValidatorFactory.java    From jjwt with Apache License 2.0 6 votes vote down vote up
@Override
public SignatureValidator createSignatureValidator(SignatureAlgorithm alg, Key key) {
    Assert.notNull(alg, "SignatureAlgorithm cannot be null.");
    Assert.notNull(key, "Signing Key cannot be null.");

    switch (alg) {
        case HS256:
        case HS384:
        case HS512:
            return new MacValidator(alg, key);
        case RS256:
        case RS384:
        case RS512:
        case PS256:
        case PS384:
        case PS512:
            return new RsaSignatureValidator(alg, key);
        case ES256:
        case ES384:
        case ES512:
            return new EllipticCurveSignatureValidator(alg, key);
        default:
            throw new IllegalArgumentException("The '" + alg.name() + "' algorithm cannot be used for signing.");
    }
}
 
Example 4
Source File: DefaultSignerFactory.java    From jjwt with Apache License 2.0 6 votes vote down vote up
@Override
public Signer createSigner(SignatureAlgorithm alg, Key key) {
    Assert.notNull(alg, "SignatureAlgorithm cannot be null.");
    Assert.notNull(key, "Signing Key cannot be null.");

    switch (alg) {
        case HS256:
        case HS384:
        case HS512:
            return new MacSigner(alg, key);
        case RS256:
        case RS384:
        case RS512:
        case PS256:
        case PS384:
        case PS512:
            return new RsaSigner(alg, key);
        case ES256:
        case ES384:
        case ES512:
            return new EllipticCurveSigner(alg, key);
        default:
            throw new IllegalArgumentException("The '" + alg.name() + "' algorithm cannot be used for signing.");
    }
}
 
Example 5
Source File: EllipticCurveProvider.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Returns the expected signature byte array length (R + S parts) for
 * the specified ECDSA algorithm.
 *
 * @param alg The ECDSA algorithm. Must be supported and not
 *            {@code null}.
 *
 * @return The expected byte array length for the signature.
 *
 * @throws JwtException If the algorithm is not supported.
 */
public static int getSignatureByteArrayLength(final SignatureAlgorithm alg)
        throws JwtException {

    switch (alg) {
        case ES256: return 64;
        case ES384: return 96;
        case ES512: return 132;
        default:
            throw new JwtException("Unsupported Algorithm: " + alg.name());
    }
}
 
Example 6
Source File: AuthTokenUtils.java    From pulsar with Apache License 2.0 5 votes vote down vote up
private static String keyTypeForSignatureAlgorithm(SignatureAlgorithm alg) {
    if (alg.getFamilyName().equals("RSA")) {
        return "RSA";
    } else if (alg.getFamilyName().equals("ECDSA")) {
        return "EC";
    } else {
        String msg = "The " + alg.name() + " algorithm does not support Key Pairs.";
        throw new IllegalArgumentException(msg);
    }
}
 
Example 7
Source File: EllipticCurveProvider.java    From jjwt with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the expected signature byte array length (R + S parts) for
 * the specified ECDSA algorithm.
 *
 * @param alg The ECDSA algorithm. Must be supported and not
 *            {@code null}.
 * @return The expected byte array length for the signature.
 * @throws JwtException If the algorithm is not supported.
 */
public static int getSignatureByteArrayLength(final SignatureAlgorithm alg)
    throws JwtException {

    switch (alg) {
        case ES256:
            return 64;
        case ES384:
            return 96;
        case ES512:
            return 132;
        default:
            throw new JwtException("Unsupported Algorithm: " + alg.name());
    }
}
 
Example 8
Source File: Keys.java    From jjwt with Apache License 2.0 4 votes vote down vote up
/**
 * Returns a new {@link KeyPair} suitable for use with the specified asymmetric algorithm.
 *
 * <p>If the {@code alg} argument is an RSA algorithm, a KeyPair is generated based on the following:</p>
 *
 * <table>
 * <tr>
 * <th>JWA Algorithm</th>
 * <th>Key Size</th>
 * </tr>
 * <tr>
 * <td>RS256</td>
 * <td>2048 bits</td>
 * </tr>
 * <tr>
 * <td>PS256</td>
 * <td>2048 bits</td>
 * </tr>
 * <tr>
 * <td>RS384</td>
 * <td>3072 bits</td>
 * </tr>
 * <tr>
 * <td>PS384</td>
 * <td>3072 bits</td>
 * </tr>
 * <tr>
 * <td>RS512</td>
 * <td>4096 bits</td>
 * </tr>
 * <tr>
 * <td>PS512</td>
 * <td>4096 bits</td>
 * </tr>
 * </table>
 *
 * <p>If the {@code alg} argument is an Elliptic Curve algorithm, a KeyPair is generated based on the following:</p>
 *
 * <table>
 * <tr>
 * <th>JWA Algorithm</th>
 * <th>Key Size</th>
 * <th><a href="https://tools.ietf.org/html/rfc7518#section-7.6.2">JWA Curve Name</a></th>
 * <th><a href="https://tools.ietf.org/html/rfc5480#section-2.1.1.1">ASN1 OID Curve Name</a></th>
 * </tr>
 * <tr>
 * <td>EC256</td>
 * <td>256 bits</td>
 * <td>{@code P-256}</td>
 * <td>{@code secp256r1}</td>
 * </tr>
 * <tr>
 * <td>EC384</td>
 * <td>384 bits</td>
 * <td>{@code P-384}</td>
 * <td>{@code secp384r1}</td>
 * </tr>
 * <tr>
 * <td>EC512</td>
 * <td>512 bits</td>
 * <td>{@code P-521}</td>
 * <td>{@code secp521r1}</td>
 * </tr>
 * </table>
 *
 * @param alg the {@code SignatureAlgorithm} to inspect to determine which asymmetric algorithm to use.
 * @return a new {@link KeyPair} suitable for use with the specified asymmetric algorithm.
 * @throws IllegalArgumentException if {@code alg} is not an asymmetric algorithm
 */
public static KeyPair keyPairFor(SignatureAlgorithm alg) throws IllegalArgumentException {
    Assert.notNull(alg, "SignatureAlgorithm cannot be null.");
    switch (alg) {
        case RS256:
        case PS256:
        case RS384:
        case PS384:
        case RS512:
        case PS512:
            return Classes.invokeStatic(RSA, "generateKeyPair", SIG_ARG_TYPES, alg);
        case ES256:
        case ES384:
        case ES512:
            return Classes.invokeStatic(EC, "generateKeyPair", SIG_ARG_TYPES, alg);
        default:
            String msg = "The " + alg.name() + " algorithm does not support Key Pairs.";
            throw new IllegalArgumentException(msg);
    }
}
 
Example 9
Source File: Keys.java    From jjwt with Apache License 2.0 3 votes vote down vote up
/**
 * Returns a new {@link SecretKey} with a key length suitable for use with the specified {@link SignatureAlgorithm}.
 *
 * <p><a href="https://tools.ietf.org/html/rfc7518#section-3.2">JWA Specification (RFC 7518), Section 3.2</a>
 * requires minimum key lengths to be used for each respective Signature Algorithm.  This method returns a
 * secure-random generated SecretKey that adheres to the required minimum key length.  The lengths are:</p>
 *
 * <table>
 * <tr>
 * <th>Algorithm</th>
 * <th>Key Length</th>
 * </tr>
 * <tr>
 * <td>HS256</td>
 * <td>256 bits (32 bytes)</td>
 * </tr>
 * <tr>
 * <td>HS384</td>
 * <td>384 bits (48 bytes)</td>
 * </tr>
 * <tr>
 * <td>HS512</td>
 * <td>512 bits (64 bytes)</td>
 * </tr>
 * </table>
 *
 * @param alg the {@code SignatureAlgorithm} to inspect to determine which key length to use.
 * @return a new {@link SecretKey} instance suitable for use with the specified {@link SignatureAlgorithm}.
 * @throws IllegalArgumentException for any input value other than {@link SignatureAlgorithm#HS256},
 *                                  {@link SignatureAlgorithm#HS384}, or {@link SignatureAlgorithm#HS512}
 */
public static SecretKey secretKeyFor(SignatureAlgorithm alg) throws IllegalArgumentException {
    Assert.notNull(alg, "SignatureAlgorithm cannot be null.");
    switch (alg) {
        case HS256:
        case HS384:
        case HS512:
            return Classes.invokeStatic(MAC, "generateKey", SIG_ARG_TYPES, alg);
        default:
            String msg = "The " + alg.name() + " algorithm does not support shared secret keys.";
            throw new IllegalArgumentException(msg);
    }
}