001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2024, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jose.jwk; 019 020 021import com.nimbusds.jose.Algorithm; 022import com.nimbusds.jose.JOSEException; 023import com.nimbusds.jose.util.Base64; 024import com.nimbusds.jose.util.*; 025import net.jcip.annotations.Immutable; 026 027import java.io.Serializable; 028import java.math.BigInteger; 029import java.net.URI; 030import java.security.*; 031import java.security.cert.CertificateEncodingException; 032import java.security.cert.X509Certificate; 033import java.security.interfaces.RSAMultiPrimePrivateCrtKey; 034import java.security.interfaces.RSAPrivateCrtKey; 035import java.security.interfaces.RSAPrivateKey; 036import java.security.interfaces.RSAPublicKey; 037import java.security.spec.*; 038import java.text.ParseException; 039import java.util.*; 040 041 042/** 043 * Public and private {@link KeyType#RSA RSA} JSON Web Key (JWK). This class is 044 * immutable. 045 * 046 * <p>Provides RSA JWK import from / export to the following standard Java 047 * interfaces and classes: 048 * 049 * <ul> 050 * <li>{@link java.security.interfaces.RSAPublicKey} 051 * <li>{@link java.security.interfaces.RSAPrivateKey} 052 * <ul> 053 * <li>{@link java.security.interfaces.RSAPrivateCrtKey} 054 * <li>{@link java.security.interfaces.RSAMultiPrimePrivateCrtKey} 055 * </ul> 056 * <li>{@link java.security.PrivateKey} for an RSA key in a PKCS#11 store 057 * <li>{@link java.security.KeyPair} 058 * </ul> 059 * 060 * <p>Example JSON object representation of a public RSA JWK: 061 * 062 * <pre> 063 * { 064 * "kty" : "RSA", 065 * "n" : "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx 066 * 4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs 067 * tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2 068 * QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI 069 * SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb 070 * w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", 071 * "e" : "AQAB", 072 * "alg" : "RS256", 073 * "kid" : "2011-04-29" 074 * } 075 * </pre> 076 * 077 * <p>Example JSON object representation of a public and private RSA JWK (with 078 * both the first and the second private key representations): 079 * 080 * <pre> 081 * { 082 * "kty" : "RSA", 083 * "n" : "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx 084 * 4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs 085 * tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2 086 * QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI 087 * SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb 088 * w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", 089 * "e" : "AQAB", 090 * "d" : "X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9 091 * M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqij 092 * wp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d 093 * _cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBz 094 * nbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFz 095 * me1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q", 096 * "p" : "83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPV 097 * nwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqV 098 * WlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs", 099 * "q" : "3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyum 100 * qjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgx 101 * kIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk", 102 * "dp" : "G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oim 103 * YwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_Nmtu 104 * YZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0", 105 * "dq" : "s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUU 106 * vMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9 107 * GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk", 108 * "qi" : "GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzg 109 * UIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rx 110 * yR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU", 111 * "alg" : "RS256", 112 * "kid" : "2011-04-29" 113 * } 114 * </pre> 115 * 116 * <p>Use the builder to create a new RSA JWK: 117 * 118 * <pre> 119 * RSAKey key = new RSAKey.Builder(n, e) 120 * .keyUse(KeyUse.SIGNATURE) 121 * .keyID("123") 122 * .build(); 123 * </pre> 124 * 125 * @author Vladimir Dzhuvinov 126 * @author Justin Richer 127 * @author Cedric Staub 128 * @version 2024-10-31 129 */ 130@Immutable 131public final class RSAKey extends JWK implements AsymmetricJWK { 132 133 134 private static final long serialVersionUID = 1L; 135 136 137 /** 138 * Other Primes Info, represents the private {@code oth} parameter of a 139 * RSA JWK. This class is immutable. 140 */ 141 @Immutable 142 public static class OtherPrimesInfo implements Serializable { 143 144 145 private static final long serialVersionUID = 1L; 146 147 148 /** 149 * The prime factor. 150 */ 151 private final Base64URL r; 152 153 154 /** 155 * The factor Chinese Remainder Theorem (CRT) exponent. 156 */ 157 private final Base64URL d; 158 159 160 /** 161 * The factor Chinese Remainder Theorem (CRT) coefficient. 162 */ 163 private final Base64URL t; 164 165 166 /** 167 * Creates a new JWK Other Primes Info with the specified 168 * parameters. 169 * 170 * @param r The prime factor. Must not be {@code null}. 171 * @param d The factor Chinese Remainder Theorem (CRT) 172 * exponent. Must not be {@code null}. 173 * @param t The factor Chinese Remainder Theorem (CRT) 174 * coefficient. Must not be {@code null}. 175 */ 176 public OtherPrimesInfo(final Base64URL r, final Base64URL d, final Base64URL t) { 177 this.r = Objects.requireNonNull(r); 178 this.d = Objects.requireNonNull(d); 179 this.t = Objects.requireNonNull(t); 180 } 181 182 183 /** 184 * Creates a new JWK Other Primes Info from the specified 185 * {@code java.security.spec.RSAOtherPrimeInfo} instance. 186 * 187 * @param oth The RSA Other Primes Info instance. Must not be 188 * {@code null}. 189 */ 190 public OtherPrimesInfo(final RSAOtherPrimeInfo oth) { 191 192 r = Base64URL.encode(oth.getPrime()); 193 d = Base64URL.encode(oth.getExponent()); 194 t = Base64URL.encode(oth.getCrtCoefficient()); 195 } 196 197 198 /** 199 * Gets the prime factor ({@code r}). 200 * 201 * @return The prime factor. 202 */ 203 public Base64URL getPrimeFactor() { 204 205 return r; 206 } 207 208 209 /** 210 * Gets factor Chinese Remainder Theorem (CRT) exponent 211 * ({@code d}). 212 * 213 * @return The factor Chinese Remainder Theorem (CRT) exponent. 214 */ 215 public Base64URL getFactorCRTExponent() { 216 217 return d; 218 } 219 220 221 /** 222 * The factor Chinese Remainder Theorem (CRT) coefficient 223 * ({@code t}). 224 * 225 * @return The factor Chinese Remainder Theorem (CRT) 226 * coefficient. 227 */ 228 public Base64URL getFactorCRTCoefficient() { 229 230 return t; 231 } 232 233 234 /** 235 * Converts the specified array of 236 * {@code java.security.spec.RSAOtherPrimeInfo} instances to a 237 * list of JWK Other Prime Infos. 238 * 239 * @param othArray Array of RSA Other Primes Info instances. 240 * May be {@code null}. 241 * 242 * @return The corresponding list of JWK Other Prime Infos, or 243 * empty list of the array was {@code null}. 244 */ 245 public static List<OtherPrimesInfo> toList(final RSAOtherPrimeInfo[] othArray) { 246 247 List<OtherPrimesInfo> list = new ArrayList<>(); 248 249 if (othArray == null) { 250 251 // Return empty list 252 return list; 253 } 254 255 for (RSAOtherPrimeInfo oth: othArray) { 256 257 list.add(new OtherPrimesInfo(oth)); 258 } 259 260 return list; 261 } 262 } 263 264 265 /** 266 * Builder for constructing RSA JWKs. 267 * 268 * <p>Example usage: 269 * 270 * <pre> 271 * RSAKey key = new RSAKey.Builder(n, e). 272 * privateExponent(d). 273 * algorithm(JWSAlgorithm.RS512). 274 * keyID("456"). 275 * build(); 276 * </pre> 277 */ 278 public static class Builder { 279 280 281 // Public RSA params 282 283 /** 284 * The modulus value for the RSA key. 285 */ 286 private final Base64URL n; 287 288 289 /** 290 * The public exponent of the RSA key. 291 */ 292 private final Base64URL e; 293 294 295 // Private RSA params, 1st representation 296 297 /** 298 * The private exponent of the RSA key. 299 */ 300 private Base64URL d; 301 302 303 // Private RSA params, 2nd representation 304 305 /** 306 * The first prime factor of the private RSA key. 307 */ 308 private Base64URL p; 309 310 311 /** 312 * The second prime factor of the private RSA key. 313 */ 314 private Base64URL q; 315 316 317 /** 318 * The first factor Chinese Remainder Theorem exponent of the 319 * private RSA key. 320 */ 321 private Base64URL dp; 322 323 324 /** 325 * The second factor Chinese Remainder Theorem exponent of the 326 * private RSA key. 327 */ 328 private Base64URL dq; 329 330 331 /** 332 * The first Chinese Remainder Theorem coefficient of the private RSA 333 * key. 334 */ 335 private Base64URL qi; 336 337 338 /** 339 * The other primes information of the private RSA key, should 340 * they exist. When only two primes have been used (the normal 341 * case), this parameter MUST be omitted. When three or more 342 * primes have been used, the number of array elements MUST be 343 * the number of primes used minus two. 344 */ 345 private List<OtherPrimesInfo> oth; 346 347 348 // Private RSA key, as PKCS#11 handle 349 350 /** 351 * The private RSA key, as PKCS#11 handle. 352 */ 353 private PrivateKey priv; 354 355 356 /** 357 * The key use, optional. 358 */ 359 private KeyUse use; 360 361 362 /** 363 * The key operations, optional. 364 */ 365 private Set<KeyOperation> ops; 366 367 368 /** 369 * The intended JOSE algorithm for the key, optional. 370 */ 371 private Algorithm alg; 372 373 374 /** 375 * The key ID, optional. 376 */ 377 private String kid; 378 379 380 /** 381 * X.509 certificate URL, optional. 382 */ 383 private URI x5u; 384 385 386 /** 387 * X.509 certificate SHA-1 thumbprint, optional. 388 */ 389 @Deprecated 390 private Base64URL x5t; 391 392 393 /** 394 * X.509 certificate SHA-256 thumbprint, optional. 395 */ 396 private Base64URL x5t256; 397 398 399 /** 400 * The X.509 certificate chain, optional. 401 */ 402 private List<Base64> x5c; 403 404 405 /** 406 * The key expiration time, optional. 407 */ 408 private Date exp; 409 410 411 /** 412 * The key not-before time, optional. 413 */ 414 private Date nbf; 415 416 417 /** 418 * The key issued-at time, optional. 419 */ 420 private Date iat; 421 422 423 /** 424 * The key revocation, optional. 425 */ 426 private KeyRevocation revocation; 427 428 429 /** 430 * Reference to the underlying key store, {@code null} if none. 431 */ 432 private KeyStore ks; 433 434 435 /** 436 * Creates a new RSA JWK builder. 437 * 438 * @param n The modulus value for the public RSA key. It is 439 * represented as the Base64URL encoding of value's 440 * big endian representation. Must not be 441 * {@code null}. 442 * @param e The exponent value for the public RSA key. It is 443 * represented as the Base64URL encoding of value's 444 * big endian representation. Must not be 445 * {@code null}. 446 */ 447 public Builder(final Base64URL n, final Base64URL e) { 448 449 this.n = Objects.requireNonNull(n); 450 this.e = Objects.requireNonNull(e); 451 } 452 453 454 /** 455 * Creates a new RSA JWK builder. 456 * 457 * @param pub The public RSA key to represent. Must not be 458 * {@code null}. 459 */ 460 public Builder(final RSAPublicKey pub) { 461 462 n = Base64URL.encode(pub.getModulus()); 463 e = Base64URL.encode(pub.getPublicExponent()); 464 } 465 466 467 /** 468 * Creates a new RSA JWK builder. 469 * 470 * @param rsaJWK The RSA JWK to start with. Must not be 471 * {@code null}. 472 */ 473 public Builder(final RSAKey rsaJWK) { 474 475 n = rsaJWK.n; 476 e = rsaJWK.e; 477 d = rsaJWK.d; 478 p = rsaJWK.p; 479 q = rsaJWK.q; 480 dp = rsaJWK.dp; 481 dq = rsaJWK.dq; 482 qi = rsaJWK.qi; 483 oth = rsaJWK.oth; 484 priv = rsaJWK.privateKey; 485 use = rsaJWK.getKeyUse(); 486 ops = rsaJWK.getKeyOperations(); 487 alg = rsaJWK.getAlgorithm(); 488 kid = rsaJWK.getKeyID(); 489 x5u = rsaJWK.getX509CertURL(); 490 x5t = rsaJWK.getX509CertThumbprint(); 491 x5t256 = rsaJWK.getX509CertSHA256Thumbprint(); 492 x5c = rsaJWK.getX509CertChain(); 493 exp = rsaJWK.getExpirationTime(); 494 nbf = rsaJWK.getNotBeforeTime(); 495 iat = rsaJWK.getIssueTime(); 496 revocation = rsaJWK.getKeyRevocation(); 497 ks = rsaJWK.getKeyStore(); 498 } 499 500 501 /** 502 * Sets the private exponent ({@code d}) of the RSA key. 503 * 504 * @param d The private RSA key exponent. It is represented as 505 * the Base64URL encoding of the value's big endian 506 * representation. {@code null} if not specified (for 507 * a public key or a private key specified otherwise). 508 * 509 * @return This builder. 510 */ 511 public Builder privateExponent(final Base64URL d) { 512 513 this.d = d; 514 return this; 515 } 516 517 518 /** 519 * Sets the private RSA key, using the first representation. 520 * 521 * @param priv The private RSA key, used to obtain the private 522 * exponent ({@code d}). {@code null} if not 523 * specified (for a public key or a private key 524 * specified otherwise). 525 * 526 * @return This builder. 527 */ 528 public Builder privateKey(final RSAPrivateKey priv) { 529 530 if (priv instanceof RSAPrivateCrtKey) { 531 return privateKey((RSAPrivateCrtKey) priv); 532 } 533 534 if (priv instanceof RSAMultiPrimePrivateCrtKey) { 535 return privateKey((RSAMultiPrimePrivateCrtKey) priv); 536 } 537 538 if (priv != null) { 539 this.d = Base64URL.encode(priv.getPrivateExponent()); 540 } else { 541 this.d = null; 542 } 543 544 return this; 545 } 546 547 548 /** 549 * Sets the private RSA key, typically for a key located in a 550 * PKCS#11 store that doesn't expose the private key parameters 551 * (such as a smart card or HSM). 552 * 553 * @param priv The private RSA key reference. Its algorithm 554 * must be "RSA". {@code null} if not specified 555 * (for a public key or private key specified 556 * otherwise). 557 * 558 * @return This builder. 559 */ 560 public Builder privateKey(final PrivateKey priv) { 561 562 if (priv instanceof RSAPrivateKey) { 563 // We have the key material 564 return privateKey((RSAPrivateKey) priv); 565 } 566 567 if (priv != null && ! "RSA".equalsIgnoreCase(priv.getAlgorithm())) { 568 throw new IllegalArgumentException("The private key algorithm must be RSA"); 569 } 570 571 this.priv = priv; 572 return this; 573 } 574 575 576 /** 577 * Sets the first prime factor ({@code p}) of the private RSA 578 * key. 579 * 580 * @param p The RSA first prime factor. It is represented as 581 * the Base64URL encoding of the value's big endian 582 * representation. {@code null} if not specified (for 583 * a public key or a private key specified otherwise). 584 * 585 * @return This builder. 586 */ 587 public Builder firstPrimeFactor(final Base64URL p) { 588 589 this.p = p; 590 return this; 591 } 592 593 594 /** 595 * Sets the second prime factor ({@code q}) of the private RSA 596 * key. 597 * 598 * @param q The RSA second prime factor. It is represented as 599 * the Base64URL encoding of the value's big endian 600 * representation. {@code null} if not specified (for 601 * a public key or a private specified otherwise). 602 * 603 * @return This builder. 604 */ 605 public Builder secondPrimeFactor(final Base64URL q) { 606 607 this.q = q; 608 return this; 609 } 610 611 612 /** 613 * Sets the first factor Chinese Remainder Theorem (CRT) 614 * exponent ({@code dp}) of the private RSA key. 615 * 616 * @param dp The RSA first factor CRT exponent. It is 617 * represented as the Base64URL encoding of the 618 * value's big endian representation. {@code null} 619 * if not specified (for a public key or a private 620 * key specified otherwise). 621 * 622 * @return This builder. 623 */ 624 public Builder firstFactorCRTExponent(final Base64URL dp) { 625 626 this.dp = dp; 627 return this; 628 } 629 630 631 /** 632 * Sets the second factor Chinese Remainder Theorem (CRT) 633 * exponent ({@code dq}) of the private RSA key. 634 * 635 * @param dq The RSA second factor CRT exponent. It is 636 * represented as the Base64URL encoding of the 637 * value's big endian representation. {@code null} if 638 * not specified (for a public key or a private key 639 * specified otherwise). 640 * 641 * @return This builder. 642 */ 643 public Builder secondFactorCRTExponent(final Base64URL dq) { 644 645 this.dq = dq; 646 return this; 647 } 648 649 650 /** 651 * Sets the first Chinese Remainder Theorem (CRT) coefficient 652 * ({@code qi}) of the private RSA key. 653 * 654 * @param qi The RSA first CRT coefficient. It is represented 655 * as the Base64URL encoding of the value's big 656 * endian representation. {@code null} if not 657 * specified (for a public key or a private key 658 * specified otherwise). 659 * 660 * @return This builder. 661 */ 662 public Builder firstCRTCoefficient(final Base64URL qi) { 663 664 this.qi = qi; 665 return this; 666 } 667 668 669 /** 670 * Sets the other primes information ({@code oth}) for the 671 * private RSA key, should they exist. 672 * 673 * @param oth The RSA other primes information, {@code null} or 674 * empty list if not specified. 675 * 676 * @return This builder. 677 */ 678 public Builder otherPrimes(final List<OtherPrimesInfo> oth) { 679 680 this.oth = oth; 681 return this; 682 } 683 684 685 /** 686 * Sets the private RSA key, using the second representation 687 * (see RFC 3447, section 3.2). 688 * 689 * @param priv The private RSA key, used to obtain the private 690 * exponent ({@code d}), the first prime factor 691 * ({@code p}), the second prime factor 692 * ({@code q}), the first factor CRT exponent 693 * ({@code dp}), the second factor CRT exponent 694 * ({@code dq}) and the first CRT coefficient 695 * ({@code qi}). {@code null} if not specified (for 696 * a public key or private key specified 697 * otherwise). 698 * 699 * @return This builder. 700 */ 701 public Builder privateKey(final RSAPrivateCrtKey priv) { 702 703 if (priv != null) { 704 d = Base64URL.encode(priv.getPrivateExponent()); 705 p = Base64URL.encode(priv.getPrimeP()); 706 q = Base64URL.encode(priv.getPrimeQ()); 707 dp = Base64URL.encode(priv.getPrimeExponentP()); 708 dq = Base64URL.encode(priv.getPrimeExponentQ()); 709 qi = Base64URL.encode(priv.getCrtCoefficient()); 710 } else { 711 d = null; 712 p = null; 713 q = null; 714 dp = null; 715 dq = null; 716 qi = null; 717 } 718 719 return this; 720 } 721 722 723 /** 724 * Sets the private RSA key, using the second representation, 725 * with optional other primes info (see RFC 3447, section 3.2). 726 * 727 * @param priv The private RSA key, used to obtain the private 728 * exponent ({@code d}), the first prime factor 729 * ({@code p}), the second prime factor 730 * ({@code q}), the first factor CRT exponent 731 * ({@code dp}), the second factor CRT exponent 732 * ({@code dq}), the first CRT coefficient 733 * ({@code qi}) and the other primes info 734 * ({@code oth}). {@code null} if not specified 735 * (for a public key or private key specified 736 * otherwise). 737 * 738 * @return This builder. 739 */ 740 public Builder privateKey(final RSAMultiPrimePrivateCrtKey priv) { 741 742 if (priv != null) { 743 d = Base64URL.encode(priv.getPrivateExponent()); 744 p = Base64URL.encode(priv.getPrimeP()); 745 q = Base64URL.encode(priv.getPrimeQ()); 746 dp = Base64URL.encode(priv.getPrimeExponentP()); 747 dq = Base64URL.encode(priv.getPrimeExponentQ()); 748 qi = Base64URL.encode(priv.getCrtCoefficient()); 749 oth = OtherPrimesInfo.toList(priv.getOtherPrimeInfo()); 750 } else { 751 d = null; 752 p = null; 753 q = null; 754 dp = null; 755 dq = null; 756 qi = null; 757 oth = null; 758 } 759 760 return this; 761 } 762 763 764 /** 765 * Sets the use ({@code use}) of the JWK. 766 * 767 * @param use The key use, {@code null} if not specified or if 768 * the key is intended for signing as well as 769 * encryption. 770 * 771 * @return This builder. 772 */ 773 public Builder keyUse(final KeyUse use) { 774 775 this.use = use; 776 return this; 777 } 778 779 780 /** 781 * Sets the operations ({@code key_ops}) of the JWK (for a 782 * non-public key). 783 * 784 * @param ops The key operations, {@code null} if not 785 * specified. 786 * 787 * @return This builder. 788 */ 789 public Builder keyOperations(final Set<KeyOperation> ops) { 790 791 this.ops = ops; 792 return this; 793 } 794 795 796 /** 797 * Sets the intended JOSE algorithm ({@code alg}) for the JWK. 798 * 799 * @param alg The intended JOSE algorithm, {@code null} if not 800 * specified. 801 * 802 * @return This builder. 803 */ 804 public Builder algorithm(final Algorithm alg) { 805 806 this.alg = alg; 807 return this; 808 } 809 810 /** 811 * Sets the ID ({@code kid}) of the JWK. The key ID can be used 812 * to match a specific key. This can be used, for instance, to 813 * choose a key within a {@link JWKSet} during key rollover. 814 * The key ID may also correspond to a JWS/JWE {@code kid} 815 * header parameter value. 816 * 817 * @param kid The key ID, {@code null} if not specified. 818 * 819 * @return This builder. 820 */ 821 public Builder keyID(final String kid) { 822 823 this.kid = kid; 824 return this; 825 } 826 827 828 /** 829 * Sets the ID ({@code kid}) of the JWK to its SHA-256 JWK 830 * thumbprint (RFC 7638). The key ID can be used to match a 831 * specific key. This can be used, for instance, to choose a 832 * key within a {@link JWKSet} during key rollover. The key ID 833 * may also correspond to a JWS/JWE {@code kid} header 834 * parameter value. 835 * 836 * @return This builder. 837 * 838 * @throws JOSEException If the SHA-256 hash algorithm is not 839 * supported. 840 */ 841 public Builder keyIDFromThumbprint() 842 throws JOSEException { 843 844 return keyIDFromThumbprint("SHA-256"); 845 } 846 847 848 /** 849 * Sets the ID ({@code kid}) of the JWK to its JWK thumbprint 850 * (RFC 7638). The key ID can be used to match a specific key. 851 * This can be used, for instance, to choose a key within a 852 * {@link JWKSet} during key rollover. The key ID may also 853 * correspond to a JWS/JWE {@code kid} header parameter value. 854 * 855 * @param hashAlg The hash algorithm for the JWK thumbprint 856 * computation. Must not be {@code null}. 857 * 858 * @return This builder. 859 * 860 * @throws JOSEException If the hash algorithm is not 861 * supported. 862 */ 863 public Builder keyIDFromThumbprint(final String hashAlg) 864 throws JOSEException { 865 866 // Put mandatory params in sorted order 867 LinkedHashMap<String,Object> requiredParams = new LinkedHashMap<>(); 868 requiredParams.put(JWKParameterNames.RSA_EXPONENT, e.toString()); 869 requiredParams.put(JWKParameterNames.KEY_TYPE, KeyType.RSA.getValue()); 870 requiredParams.put(JWKParameterNames.RSA_MODULUS, n.toString()); 871 this.kid = ThumbprintUtils.compute(hashAlg, requiredParams).toString(); 872 return this; 873 } 874 875 876 /** 877 * Sets the X.509 certificate URL ({@code x5u}) of the JWK. 878 * 879 * @param x5u The X.509 certificate URL, {@code null} if not 880 * specified. 881 * 882 * @return This builder. 883 */ 884 public Builder x509CertURL(final URI x5u) { 885 886 this.x5u = x5u; 887 return this; 888 } 889 890 891 /** 892 * Sets the X.509 certificate SHA-1 thumbprint ({@code x5t}) of 893 * the JWK. 894 * 895 * @param x5t The X.509 certificate SHA-1 thumbprint, 896 * {@code null} if not specified. 897 * 898 * @return This builder. 899 */ 900 @Deprecated 901 public Builder x509CertThumbprint(final Base64URL x5t) { 902 903 this.x5t = x5t; 904 return this; 905 } 906 907 908 /** 909 * Sets the X.509 certificate SHA-256 thumbprint 910 * ({@code x5t#S256}) of the JWK. 911 * 912 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 913 * {@code null} if not specified. 914 * 915 * @return This builder. 916 */ 917 public Builder x509CertSHA256Thumbprint(final Base64URL x5t256) { 918 919 this.x5t256 = x5t256; 920 return this; 921 } 922 923 924 /** 925 * Sets the X.509 certificate chain ({@code x5c}) of the JWK. 926 * 927 * @param x5c The X.509 certificate chain as a unmodifiable 928 * list, {@code null} if not specified. 929 * 930 * @return This builder. 931 */ 932 public Builder x509CertChain(final List<Base64> x5c) { 933 934 this.x5c = x5c; 935 return this; 936 } 937 938 939 /** 940 * Sets the expiration time ({@code exp}) of the JWK. 941 * 942 * @param exp The expiration time, {@code null} if not 943 * specified. 944 * 945 * @return This builder. 946 */ 947 public Builder expirationTime(final Date exp) { 948 949 this.exp = exp; 950 return this; 951 } 952 953 954 /** 955 * Sets the not-before time ({@code nbf}) of the JWK. 956 * 957 * @param nbf The not-before time, {@code null} if not 958 * specified. 959 * 960 * @return This builder. 961 */ 962 public Builder notBeforeTime(final Date nbf) { 963 964 this.nbf = nbf; 965 return this; 966 } 967 968 969 /** 970 * Sets the issued-at time ({@code iat}) of the JWK. 971 * 972 * @param iat The issued-at time, {@code null} if not 973 * specified. 974 * 975 * @return This builder. 976 */ 977 public Builder issueTime(final Date iat) { 978 979 this.iat = iat; 980 return this; 981 } 982 983 984 /** 985 * Sets the revocation ({@code revoked}) of the JWK. 986 * 987 * @param revocation The key revocation, {@code null} if not 988 * specified. 989 * 990 * @return This builder. 991 */ 992 public Builder keyRevocation(final KeyRevocation revocation) { 993 994 this.revocation = revocation; 995 return this; 996 } 997 998 999 /** 1000 * Sets the underlying key store. 1001 * 1002 * @param keyStore Reference to the underlying key store, 1003 * {@code null} if none. 1004 * 1005 * @return This builder. 1006 */ 1007 public Builder keyStore(final KeyStore keyStore) { 1008 1009 this.ks = keyStore; 1010 return this; 1011 } 1012 1013 1014 /** 1015 * Builds a new RSA JWK. 1016 * 1017 * @return The RSA JWK. 1018 * 1019 * @throws IllegalStateException If the JWK parameters were 1020 * inconsistently specified. 1021 */ 1022 public RSAKey build() { 1023 1024 try { 1025 // The full constructor 1026 return new RSAKey(n, e, d, p, q, dp, dq, qi, oth, 1027 priv, 1028 use, ops, alg, kid, x5u, x5t, x5t256, x5c, 1029 exp, nbf, iat, revocation, 1030 ks); 1031 1032 } catch (IllegalArgumentException e) { 1033 1034 throw new IllegalStateException(e.getMessage(), e); 1035 } 1036 } 1037 } 1038 1039 1040 // Public RSA params 1041 1042 /** 1043 * The modulus value of the RSA key. 1044 */ 1045 private final Base64URL n; 1046 1047 1048 /** 1049 * The public exponent of the RSA key. 1050 */ 1051 private final Base64URL e; 1052 1053 1054 // Private RSA params, 1st representation 1055 1056 /** 1057 * The private exponent of the RSA key. 1058 */ 1059 private final Base64URL d; 1060 1061 1062 // Private RSA params, 2nd representation 1063 1064 /** 1065 * The first prime factor of the private RSA key. 1066 */ 1067 private final Base64URL p; 1068 1069 1070 /** 1071 * The second prime factor of the private RSA key. 1072 */ 1073 private final Base64URL q; 1074 1075 1076 /** 1077 * The first factor Chinese Remainder Theorem exponent of the private 1078 * RSA key. 1079 */ 1080 private final Base64URL dp; 1081 1082 1083 /** 1084 * The second factor Chinese Remainder Theorem exponent of the private 1085 * RSA key. 1086 */ 1087 private final Base64URL dq; 1088 1089 1090 /** 1091 * The first Chinese Remainder Theorem coefficient of the private RSA 1092 * key. 1093 */ 1094 private final Base64URL qi; 1095 1096 1097 /** 1098 * The other primes information of the private RSA key, should they 1099 * exist. When only two primes have been used (the normal case), this 1100 * parameter MUST be omitted. When three or more primes have been used, 1101 * the number of array elements MUST be the number of primes used minus 1102 * two. 1103 */ 1104 private final List<OtherPrimesInfo> oth; 1105 1106 1107 // Private RSA PKCS#11 key handle 1108 1109 /** 1110 * Private PKCS#11 key handle. 1111 */ 1112 private final PrivateKey privateKey; 1113 1114 1115 /** 1116 * Creates a new public RSA JSON Web Key (JWK) with the specified 1117 * parameters. 1118 * 1119 * @param n The modulus value for the public RSA key. It is 1120 * represented as the Base64URL encoding of value's big 1121 * endian representation. Must not be {@code null}. 1122 * @param e The exponent value for the public RSA key. It is 1123 * represented as the Base64URL encoding of value's big 1124 * endian representation. Must not be {@code null}. 1125 * @param use The key use, {@code null} if not specified or if the 1126 * key is intended for signing as well as encryption. 1127 * @param ops The key operations, {@code null} if not specified. 1128 * @param alg The intended JOSE algorithm for the key, {@code null} 1129 * if not specified. 1130 * @param kid The key ID, {@code null} if not specified. 1131 * @param x5u The X.509 certificate URL, {@code null} if not 1132 * specified. 1133 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1134 * if not specified. 1135 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1136 * if not specified. 1137 * @param x5c The X.509 certificate chain, {@code null} if not 1138 * specified. 1139 * @param ks Reference to the underlying key store, {@code null} if 1140 * not specified. 1141 */ 1142 @Deprecated 1143 public RSAKey(final Base64URL n, final Base64URL e, 1144 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1145 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1146 final KeyStore ks) { 1147 1148 // Call the full constructor, all private key parameters are null 1149 this(n, e, null, null, null, null, null, null, null, null, use, ops, alg, kid, 1150 x5u, x5t, x5t256, x5c, 1151 null, null, null, 1152 ks); 1153 } 1154 1155 1156 /** 1157 * Creates a new public RSA JSON Web Key (JWK) with the specified 1158 * parameters. 1159 * 1160 * @param n The modulus value for the public RSA key. It is 1161 * represented as the Base64URL encoding of value's big 1162 * endian representation. Must not be {@code null}. 1163 * @param e The exponent value for the public RSA key. It is 1164 * represented as the Base64URL encoding of value's big 1165 * endian representation. Must not be {@code null}. 1166 * @param use The key use, {@code null} if not specified or if the 1167 * key is intended for signing as well as encryption. 1168 * @param ops The key operations, {@code null} if not specified. 1169 * @param alg The intended JOSE algorithm for the key, {@code null} 1170 * if not specified. 1171 * @param kid The key ID, {@code null} if not specified. 1172 * @param x5u The X.509 certificate URL, {@code null} if not 1173 * specified. 1174 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1175 * if not specified. 1176 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1177 * if not specified. 1178 * @param x5c The X.509 certificate chain, {@code null} if not 1179 * specified. 1180 * @param exp The key expiration time, {@code null} if not 1181 * specified. 1182 * @param nbf The key not-before time, {@code null} if not 1183 * specified. 1184 * @param iat The key issued-at time, {@code null} if not specified. 1185 * @param ks Reference to the underlying key store, {@code null} if 1186 * not specified. 1187 */ 1188 @Deprecated 1189 public RSAKey(final Base64URL n, final Base64URL e, 1190 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1191 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1192 final Date exp, final Date nbf, final Date iat, 1193 final KeyStore ks) { 1194 1195 // Call the full constructor, all private key parameters are null 1196 this(n, e, null, null, null, null, null, null, null, null, use, ops, alg, kid, 1197 x5u, x5t, x5t256, x5c, 1198 exp, nbf, iat, 1199 ks); 1200 } 1201 1202 1203 // JWK public 1204 /** 1205 * Creates a new public RSA JSON Web Key (JWK) with the specified 1206 * parameters. 1207 * 1208 * @param n The modulus value for the public RSA key. It is 1209 * represented as the Base64URL encoding of value's 1210 * big endian representation. Must not be 1211 * {@code null}. 1212 * @param e The exponent value for the public RSA key. It is 1213 * represented as the Base64URL encoding of value's 1214 * big endian representation. Must not be 1215 * {@code null}. 1216 * @param use The key use, {@code null} if not specified or if 1217 * the key is intended for signing as well as 1218 * encryption. 1219 * @param ops The key operations, {@code null} if not specified. 1220 * @param alg The intended JOSE algorithm for the key, 1221 * {@code null} if not specified. 1222 * @param kid The key ID, {@code null} if not specified. 1223 * @param x5u The X.509 certificate URL, {@code null} if not 1224 * specified. 1225 * @param x5t The X.509 certificate SHA-1 thumbprint, 1226 * {@code null} if not specified. 1227 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 1228 * {@code null} if not specified. 1229 * @param x5c The X.509 certificate chain, {@code null} if not 1230 * specified. 1231 * @param exp The key expiration time, {@code null} if not 1232 * specified. 1233 * @param nbf The key not-before time, {@code null} if not 1234 * specified. 1235 * @param iat The key issued-at time, {@code null} if not 1236 * specified. 1237 * @param revocation The key revocation, {@code null} if not specified. 1238 * @param ks Reference to the underlying key store, 1239 * {@code null} if not specified. 1240 */ 1241 public RSAKey(final Base64URL n, final Base64URL e, 1242 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1243 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1244 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 1245 final KeyStore ks) { 1246 1247 // Call the full constructor, all private key parameters are null 1248 this(n, e, null, null, null, null, null, null, null, null, use, ops, alg, kid, 1249 x5u, x5t, x5t256, x5c, 1250 exp, nbf, iat, revocation, 1251 ks); 1252 } 1253 1254 1255 /** 1256 * Creates a new public / private RSA JSON Web Key (JWK) with the 1257 * specified parameters. The private RSA key is specified by its first 1258 * representation (see RFC 3447, section 3.2). 1259 * 1260 * @param n The modulus value for the public RSA key. It is 1261 * represented as the Base64URL encoding of value's big 1262 * endian representation. Must not be {@code null}. 1263 * @param e The exponent value for the public RSA key. It is 1264 * represented as the Base64URL encoding of value's big 1265 * endian representation. Must not be {@code null}. 1266 * @param d The private exponent. It is represented as the 1267 * Base64URL encoding of the value's big endian 1268 * representation. Must not be {@code null}. 1269 * @param use The key use, {@code null} if not specified or if the 1270 * key is intended for signing as well as encryption. 1271 * @param ops The key operations, {@code null} if not specified. 1272 * @param alg The intended JOSE algorithm for the key, {@code null} 1273 * if not specified. 1274 * @param kid The key ID, {@code null} if not specified. 1275 * @param x5u The X.509 certificate URL, {@code null} if not 1276 * specified. 1277 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1278 * if not specified. 1279 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1280 * if not specified. 1281 * @param x5c The X.509 certificate chain, {@code null} if not 1282 * specified. 1283 * @param ks Reference to the underlying key store, {@code null} if 1284 * not specified. 1285 */ 1286 @Deprecated 1287 public RSAKey(final Base64URL n, final Base64URL e, final Base64URL d, 1288 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1289 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1290 final KeyStore ks) { 1291 1292 this(n, e, d, null, null, null, null, null, null, null, use, ops, alg, kid, 1293 x5u, x5t, x5t256, x5c, 1294 null, null, null, 1295 ks); 1296 } 1297 1298 1299 /** 1300 * Creates a new public / private RSA JSON Web Key (JWK) with the 1301 * specified parameters. The private RSA key is specified by its first 1302 * representation (see RFC 3447, section 3.2). 1303 * 1304 * @param n The modulus value for the public RSA key. It is 1305 * represented as the Base64URL encoding of value's big 1306 * endian representation. Must not be {@code null}. 1307 * @param e The exponent value for the public RSA key. It is 1308 * represented as the Base64URL encoding of value's big 1309 * endian representation. Must not be {@code null}. 1310 * @param d The private exponent. It is represented as the 1311 * Base64URL encoding of the value's big endian 1312 * representation. Must not be {@code null}. 1313 * @param use The key use, {@code null} if not specified or if the 1314 * key is intended for signing as well as encryption. 1315 * @param ops The key operations, {@code null} if not specified. 1316 * @param alg The intended JOSE algorithm for the key, {@code null} 1317 * if not specified. 1318 * @param kid The key ID, {@code null} if not specified. 1319 * @param x5u The X.509 certificate URL, {@code null} if not 1320 * specified. 1321 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1322 * if not specified. 1323 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1324 * if not specified. 1325 * @param x5c The X.509 certificate chain, {@code null} if not 1326 * specified. 1327 * @param exp The key expiration time, {@code null} if not 1328 * specified. 1329 * @param nbf The key not-before time, {@code null} if not 1330 * specified. 1331 * @param iat The key issued-at time, {@code null} if not specified. 1332 * @param ks Reference to the underlying key store, {@code null} if 1333 * not specified. 1334 */ 1335 @Deprecated 1336 public RSAKey(final Base64URL n, final Base64URL e, final Base64URL d, 1337 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1338 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1339 final Date exp, final Date nbf, final Date iat, 1340 final KeyStore ks) { 1341 1342 this(n, e, d, use, ops, alg, kid, x5u, x5t, x5t256, x5c, exp, nbf, iat, null, ks); 1343 } 1344 1345 1346 // JWK public + private rep 1 1347 /** 1348 * Creates a new public / private RSA JSON Web Key (JWK) with the 1349 * specified parameters. The private RSA key is specified by its first 1350 * representation (see RFC 3447, section 3.2). 1351 * 1352 * @param n The modulus value for the public RSA key. It is 1353 * represented as the Base64URL encoding of value's 1354 * big endian representation. Must not be 1355 * {@code null}. 1356 * @param e The exponent value for the public RSA key. It is 1357 * represented as the Base64URL encoding of value's 1358 * big endian representation. Must not be 1359 * {@code null}. 1360 * @param d The private exponent. It is represented as the 1361 * Base64URL encoding of the value's big endian 1362 * representation. Must not be {@code null}. 1363 * @param use The key use, {@code null} if not specified or if 1364 * the key is intended for signing as well as 1365 * encryption. 1366 * @param ops The key operations, {@code null} if not specified. 1367 * @param alg The intended JOSE algorithm for the key, 1368 * {@code null} if not specified. 1369 * @param kid The key ID, {@code null} if not specified. 1370 * @param x5u The X.509 certificate URL, {@code null} if not 1371 * specified. 1372 * @param x5t The X.509 certificate SHA-1 thumbprint, 1373 * {@code null} if not specified. 1374 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 1375 * {@code null} if not specified. 1376 * @param x5c The X.509 certificate chain, {@code null} if not 1377 * specified. 1378 * @param exp The key expiration time, {@code null} if not 1379 * specified. 1380 * @param nbf The key not-before time, {@code null} if not 1381 * specified. 1382 * @param iat The key issued-at time, {@code null} if not 1383 * specified. 1384 * @param revocation The key revocation, {@code null} if not specified. 1385 * @param ks Reference to the underlying key store, 1386 * {@code null} if not specified. 1387 */ 1388 public RSAKey(final Base64URL n, final Base64URL e, final Base64URL d, 1389 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1390 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1391 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 1392 final KeyStore ks) { 1393 1394 // Call the full constructor, the second private representation 1395 // parameters are all null 1396 this(n, e, d, null, null, null, null, null, null, null, use, ops, alg, kid, 1397 x5u, x5t, x5t256, x5c, exp, nbf, iat, revocation, ks); 1398 1399 Objects.requireNonNull(d, "The private exponent must not be null"); 1400 } 1401 1402 1403 /** 1404 * Creates a new public / private RSA JSON Web Key (JWK) with the 1405 * specified parameters. The private RSA key is specified by its 1406 * second representation (see RFC 3447, section 3.2). 1407 * 1408 * @param n The modulus value for the public RSA key. It is 1409 * represented as the Base64URL encoding of value's big 1410 * endian representation. Must not be {@code null}. 1411 * @param e The exponent value for the public RSA key. It is 1412 * represented as the Base64URL encoding of value's big 1413 * endian representation. Must not be {@code null}. 1414 * @param p The first prime factor. It is represented as the 1415 * Base64URL encoding of the value's big endian 1416 * representation. Must not be {@code null}. 1417 * @param q The second prime factor. It is represented as the 1418 * Base64URL encoding of the value's big endian 1419 * representation. Must not be {@code null}. 1420 * @param dp The first factor Chinese Remainder Theorem exponent. 1421 * It is represented as the Base64URL encoding of the 1422 * value's big endian representation. Must not be 1423 * {@code null}. 1424 * @param dq The second factor Chinese Remainder Theorem exponent. 1425 * It is represented as the Base64URL encoding of the 1426 * value's big endian representation. Must not be 1427 * {@code null}. 1428 * @param qi The first Chinese Remainder Theorem coefficient. It is 1429 * represented as the Base64URL encoding of the value's 1430 * big endian representation. Must not be {@code null}. 1431 * @param oth The other primes information, should they exist, 1432 * {@code null} or an empty list if not specified. 1433 * @param use The key use, {@code null} if not specified or if the 1434 * key is intended for signing as well as encryption. 1435 * @param ops The key operations, {@code null} if not specified. 1436 * @param alg The intended JOSE algorithm for the key, {@code null} 1437 * if not specified. 1438 * @param kid The key ID, {@code null} if not specified. 1439 * @param x5u The X.509 certificate URL, {@code null} if not 1440 * specified. 1441 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1442 * if not specified. 1443 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1444 * if not specified. 1445 * @param x5c The X.509 certificate chain, {@code null} if not 1446 * specified. 1447 * @param ks Reference to the underlying key store, {@code null} if 1448 * not specified. 1449 */ 1450 @Deprecated 1451 public RSAKey(final Base64URL n, final Base64URL e, 1452 final Base64URL p, final Base64URL q, 1453 final Base64URL dp, final Base64URL dq, final Base64URL qi, 1454 final List<OtherPrimesInfo> oth, 1455 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1456 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1457 final KeyStore ks) { 1458 1459 this(n, e, null, p, q, dp, dq, qi, oth, null, use, ops, alg, kid, 1460 x5u, x5t, x5t256, x5c, 1461 null, null, null, 1462 ks); 1463 } 1464 1465 1466 /** 1467 * Creates a new public / private RSA JSON Web Key (JWK) with the 1468 * specified parameters. The private RSA key is specified by its 1469 * second representation (see RFC 3447, section 3.2). 1470 * 1471 * @param n The modulus value for the public RSA key. It is 1472 * represented as the Base64URL encoding of value's big 1473 * endian representation. Must not be {@code null}. 1474 * @param e The exponent value for the public RSA key. It is 1475 * represented as the Base64URL encoding of value's big 1476 * endian representation. Must not be {@code null}. 1477 * @param p The first prime factor. It is represented as the 1478 * Base64URL encoding of the value's big endian 1479 * representation. Must not be {@code null}. 1480 * @param q The second prime factor. It is represented as the 1481 * Base64URL encoding of the value's big endian 1482 * representation. Must not be {@code null}. 1483 * @param dp The first factor Chinese Remainder Theorem exponent. 1484 * It is represented as the Base64URL encoding of the 1485 * value's big endian representation. Must not be 1486 * {@code null}. 1487 * @param dq The second factor Chinese Remainder Theorem exponent. 1488 * It is represented as the Base64URL encoding of the 1489 * value's big endian representation. Must not be 1490 * {@code null}. 1491 * @param qi The first Chinese Remainder Theorem coefficient. It is 1492 * represented as the Base64URL encoding of the value's 1493 * big endian representation. Must not be {@code null}. 1494 * @param oth The other primes information, should they exist, 1495 * {@code null} or an empty list if not specified. 1496 * @param use The key use, {@code null} if not specified or if the 1497 * key is intended for signing as well as encryption. 1498 * @param ops The key operations, {@code null} if not specified. 1499 * @param alg The intended JOSE algorithm for the key, {@code null} 1500 * if not specified. 1501 * @param kid The key ID, {@code null} if not specified. 1502 * @param x5u The X.509 certificate URL, {@code null} if not 1503 * specified. 1504 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1505 * if not specified. 1506 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1507 * if not specified. 1508 * @param x5c The X.509 certificate chain, {@code null} if not 1509 * specified. 1510 * @param exp The key expiration time, {@code null} if not 1511 * specified. 1512 * @param nbf The key not-before time, {@code null} if not 1513 * specified. 1514 * @param iat The key issued-at time, {@code null} if not specified. 1515 * @param ks Reference to the underlying key store, {@code null} if 1516 * not specified. 1517 */ 1518 @Deprecated 1519 public RSAKey(final Base64URL n, final Base64URL e, 1520 final Base64URL p, final Base64URL q, 1521 final Base64URL dp, final Base64URL dq, final Base64URL qi, 1522 final List<OtherPrimesInfo> oth, 1523 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1524 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1525 final Date exp, final Date nbf, final Date iat, 1526 final KeyStore ks) { 1527 1528 this(n, e, p, q, dp, dq, qi, oth, use, ops, alg, kid, x5u, x5t, x5t256, x5c, exp, nbf, iat, null, ks); 1529 } 1530 1531 1532 // JWK public + private rep 2 1533 /** 1534 * Creates a new public / private RSA JSON Web Key (JWK) with the 1535 * specified parameters. The private RSA key is specified by its 1536 * second representation (see RFC 3447, section 3.2). 1537 * 1538 * @param n The modulus value for the public RSA key. It is 1539 * represented as the Base64URL encoding of value's 1540 * big endian representation. Must not be 1541 * {@code null}. 1542 * @param e The exponent value for the public RSA key. It is 1543 * represented as the Base64URL encoding of value's 1544 * big endian representation. Must not be 1545 * {@code null}. 1546 * @param p The first prime factor. It is represented as the 1547 * Base64URL encoding of the value's big endian 1548 * representation. Must not be {@code null}. 1549 * @param q The second prime factor. It is represented as the 1550 * Base64URL encoding of the value's big endian 1551 * representation. Must not be {@code null}. 1552 * @param dp The first factor Chinese Remainder Theorem 1553 * exponent. It is represented as the Base64URL 1554 * encoding of the value's big endian representation. 1555 * Must not be {@code null}. 1556 * @param dq The second factor Chinese Remainder Theorem 1557 * exponent. It is represented as the Base64URL 1558 * encoding of the value's big endian representation. 1559 * Must not be {@code null}. 1560 * @param qi The first Chinese Remainder Theorem coefficient. 1561 * It is represented as the Base64URL encoding of the 1562 * value's big endian representation. Must not be 1563 * {@code null}. 1564 * @param oth The other primes information, should they exist, 1565 * {@code null} or an empty list if not specified. 1566 * @param use The key use, {@code null} if not specified or if 1567 * the key is intended for signing as well as 1568 * encryption. 1569 * @param ops The key operations, {@code null} if not specified. 1570 * @param alg The intended JOSE algorithm for the key, 1571 * {@code null} if not specified. 1572 * @param kid The key ID, {@code null} if not specified. 1573 * @param x5u The X.509 certificate URL, {@code null} if not 1574 * specified. 1575 * @param x5t The X.509 certificate SHA-1 thumbprint, 1576 * {@code null} if not specified. 1577 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 1578 * {@code null} 1579 * if not specified. 1580 * @param x5c The X.509 certificate chain, {@code null} if not 1581 * specified. 1582 * @param exp The key expiration time, {@code null} if not 1583 * specified. 1584 * @param nbf The key not-before time, {@code null} if not 1585 * specified. 1586 * @param iat The key issued-at time, {@code null} if not 1587 * specified. 1588 * @param revocation The key revocation, {@code null} if not specified. 1589 * @param ks Reference to the underlying key store, 1590 * {@code null} if not specified. 1591 */ 1592 public RSAKey(final Base64URL n, final Base64URL e, 1593 final Base64URL p, final Base64URL q, 1594 final Base64URL dp, final Base64URL dq, final Base64URL qi, 1595 final List<OtherPrimesInfo> oth, 1596 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1597 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1598 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 1599 final KeyStore ks) { 1600 1601 // Call the full constructor, the first private representation 1602 // d param is null 1603 this(n, e, null, p, q, dp, dq, qi, oth, null, use, ops, alg, kid, 1604 x5u, x5t, x5t256, x5c, 1605 exp, nbf, iat, revocation, 1606 ks); 1607 1608 Objects.requireNonNull(p, "The first prime factor must not be null"); 1609 Objects.requireNonNull(q, "The second prime factor must not be null"); 1610 Objects.requireNonNull(dp, "The first factor CRT exponent must not be null"); 1611 Objects.requireNonNull(dq, "The second factor CRT exponent must not be null"); 1612 Objects.requireNonNull(qi, "The first CRT coefficient must not be null"); 1613 } 1614 1615 1616 /** 1617 * Creates a new public / private RSA JSON Web Key (JWK) with the 1618 * specified parameters. The private RSA key is specified by both its 1619 * first and second representations (see RFC 3447, section 3.2). 1620 * 1621 * <p>A valid first private RSA key representation must specify the 1622 * {@code d} parameter. 1623 * 1624 * <p>A valid second private RSA key representation must specify all 1625 * required Chinese Remainder Theorem (CRT) parameters - {@code p}, 1626 * {@code q}, {@code dp}, {@code dq} and {@code qi}, else an 1627 * {@link java.lang.IllegalArgumentException} will be thrown. 1628 * 1629 * @param n The modulus value for the public RSA key. It is 1630 * represented as the Base64URL encoding of value's big 1631 * endian representation. Must not be {@code null}. 1632 * @param e The exponent value for the public RSA key. It is 1633 * represented as the Base64URL encoding of value's big 1634 * endian representation. Must not be {@code null}. 1635 * @param d The private exponent. It is represented as the 1636 * Base64URL encoding of the value's big endian 1637 * representation. May be {@code null}. 1638 * @param p The first prime factor. It is represented as the 1639 * Base64URL encoding of the value's big endian 1640 * representation. May be {@code null}. 1641 * @param q The second prime factor. It is represented as the 1642 * Base64URL encoding of the value's big endian 1643 * representation. May be {@code null}. 1644 * @param dp The first factor Chinese Remainder Theorem exponent. 1645 * It is represented as the Base64URL encoding of the 1646 * value's big endian representation. May be {@code null}. 1647 * @param dq The second factor Chinese Remainder Theorem exponent. 1648 * It is represented as the Base64URL encoding of the 1649 * value's big endian representation. May be 1650 * {@code null}. 1651 * @param qi The first Chinese Remainder Theorem coefficient. It is 1652 * represented as the Base64URL encoding of the value's 1653 * big endian representation. May be {@code null}. 1654 * @param oth The other primes information, should they exist, 1655 * {@code null} or an empty list if not specified. 1656 * @param use The key use, {@code null} if not specified or if the 1657 * key is intended for signing as well as encryption. 1658 * @param ops The key operations, {@code null} if not specified. 1659 * @param alg The intended JOSE algorithm for the key, {@code null} 1660 * if not specified. 1661 * @param kid The key ID, {@code null} if not specified. 1662 * @param x5u The X.509 certificate URL, {@code null} if not 1663 * specified. 1664 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1665 * if not specified. 1666 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1667 * if not specified. 1668 * @param x5c The X.509 certificate chain, {@code null} if not 1669 * specified. 1670 */ 1671 @Deprecated 1672 public RSAKey(final Base64URL n, final Base64URL e, 1673 final Base64URL d, 1674 final Base64URL p, final Base64URL q, 1675 final Base64URL dp, final Base64URL dq, final Base64URL qi, 1676 final List<OtherPrimesInfo> oth, 1677 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1678 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c) { 1679 1680 this(n, e, d, p, q, dp, dq, qi, oth, null, use, ops, alg, kid, x5u, x5t, x5t256, x5c, null); 1681 } 1682 1683 1684 /** 1685 * Creates a new public / private RSA JSON Web Key (JWK) with the 1686 * specified parameters. The private RSA key can be specified by its 1687 * first representation, its second representation (see RFC 3447, 1688 * section 3.2), or by a PKCS#11 handle as {@link PrivateKey}. 1689 * 1690 * <p>A valid first private RSA key representation must specify the 1691 * {@code d} parameter. 1692 * 1693 * <p>A valid second private RSA key representation must specify all 1694 * required Chinese Remainder Theorem (CRT) parameters - {@code p}, 1695 * {@code q}, {@code dp}, {@code dq} and {@code qi}, else an 1696 * {@link java.lang.IllegalArgumentException} will be thrown. 1697 * 1698 * @param n The modulus value for the public RSA key. It is 1699 * represented as the Base64URL encoding of value's big 1700 * endian representation. Must not be {@code null}. 1701 * @param e The exponent value for the public RSA key. It is 1702 * represented as the Base64URL encoding of value's big 1703 * endian representation. Must not be {@code null}. 1704 * @param d The private exponent. It is represented as the 1705 * Base64URL encoding of the value's big endian 1706 * representation. May be {@code null}. 1707 * @param p The first prime factor. It is represented as the 1708 * Base64URL encoding of the value's big endian 1709 * representation. May be {@code null}. 1710 * @param q The second prime factor. It is represented as the 1711 * Base64URL encoding of the value's big endian 1712 * representation. May be {@code null}. 1713 * @param dp The first factor Chinese Remainder Theorem exponent. 1714 * It is represented as the Base64URL encoding of the 1715 * value's big endian representation. May be 1716 * {@code null}. 1717 * @param dq The second factor Chinese Remainder Theorem exponent. 1718 * It is represented as the Base64URL encoding of the 1719 * value's big endian representation. May be 1720 * {@code null}. 1721 * @param qi The first Chinese Remainder Theorem coefficient. It is 1722 * represented as the Base64URL encoding of the value's 1723 * big endian representation. May be {@code null}. 1724 * @param oth The other primes information, should they exist, 1725 * {@code null} or an empty list if not specified. 1726 * @param prv The PKCS#11 handle as {@link PrivateKey}. May be 1727 * {@code null}. 1728 * @param use The key use, {@code null} if not specified or if the 1729 * key is intended for signing as well as encryption. 1730 * @param ops The key operations, {@code null} if not specified. 1731 * @param alg The intended JOSE algorithm for the key, {@code null} 1732 * if not specified. 1733 * @param kid The key ID, {@code null} if not specified. 1734 * @param x5u The X.509 certificate URL, {@code null} if not 1735 * specified. 1736 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1737 * if not specified. 1738 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1739 * if not specified. 1740 * @param x5c The X.509 certificate chain, {@code null} if not 1741 * specified. 1742 * @param ks Reference to the underlying key store, {@code null} if 1743 * not specified. 1744 */ 1745 @Deprecated 1746 public RSAKey(final Base64URL n, final Base64URL e, 1747 final Base64URL d, 1748 final Base64URL p, final Base64URL q, 1749 final Base64URL dp, final Base64URL dq, final Base64URL qi, 1750 final List<OtherPrimesInfo> oth, 1751 final PrivateKey prv, 1752 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1753 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1754 final KeyStore ks) { 1755 1756 this(n, e, d, p, q, dp, dq, qi, oth, prv, use, ops, alg, kid, x5u, x5t, x5t256, x5c, null, null, null, ks); 1757 } 1758 1759 1760 /** 1761 * Creates a new public / private RSA JSON Web Key (JWK) with the 1762 * specified parameters. The private RSA key can be specified by its 1763 * first representation, its second representation (see RFC 3447, 1764 * section 3.2), or by a PKCS#11 handle as {@link PrivateKey}. 1765 * 1766 * <p>A valid first private RSA key representation must specify the 1767 * {@code d} parameter. 1768 * 1769 * <p>A valid second private RSA key representation must specify all 1770 * required Chinese Remainder Theorem (CRT) parameters - {@code p}, 1771 * {@code q}, {@code dp}, {@code dq} and {@code qi}, else an 1772 * {@link java.lang.IllegalArgumentException} will be thrown. 1773 * 1774 * @param n The modulus value for the public RSA key. It is 1775 * represented as the Base64URL encoding of value's big 1776 * endian representation. Must not be {@code null}. 1777 * @param e The exponent value for the public RSA key. It is 1778 * represented as the Base64URL encoding of value's big 1779 * endian representation. Must not be {@code null}. 1780 * @param d The private exponent. It is represented as the Base64URL 1781 * encoding of the value's big endian representation. May 1782 * be {@code null}. 1783 * @param p The first prime factor. It is represented as the 1784 * Base64URL encoding of the value's big endian 1785 * representation. May be {@code null}. 1786 * @param q The second prime factor. It is represented as the 1787 * Base64URL encoding of the value's big endian 1788 * representation. May be {@code null}. 1789 * @param dp The first factor Chinese Remainder Theorem exponent. It 1790 * is represented as the Base64URL encoding of the value's 1791 * big endian representation. May be {@code null}. 1792 * @param dq The second factor Chinese Remainder Theorem exponent. It 1793 * is represented as the Base64URL encoding of the value's 1794 * big endian representation. May be {@code null}. 1795 * @param qi The first Chinese Remainder Theorem coefficient. It is 1796 * represented as the Base64URL encoding of the value's big 1797 * endian representation. May be {@code null}. 1798 * @param oth The other primes information, should they exist, 1799 * {@code null} or an empty list if not specified. 1800 * @param prv The PKCS#11 handle as {@link PrivateKey}. May be 1801 * {@code null}. 1802 * @param use The key use, {@code null} if not specified or if the key 1803 * is intended for signing as well as encryption. 1804 * @param ops The key operations, {@code null} if not specified. 1805 * @param alg The intended JOSE algorithm for the key, {@code null} if 1806 * not specified. 1807 * @param kid The key ID, {@code null} if not specified. 1808 * @param x5u The X.509 certificate URL, {@code null} if not specified. 1809 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1810 * if not specified. 1811 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1812 * if not specified. 1813 * @param x5c The X.509 certificate chain, {@code null} if not 1814 * specified. 1815 * @param exp The key expiration time, {@code null} if not 1816 * specified. 1817 * @param nbf The key not-before time, {@code null} if not 1818 * specified. 1819 * @param iat The key issued-at time, {@code null} if not specified. 1820 * @param ks Reference to the underlying key store, {@code null} if 1821 * not specified. 1822 */ 1823 @Deprecated 1824 public RSAKey(final Base64URL n, final Base64URL e, 1825 final Base64URL d, 1826 final Base64URL p, final Base64URL q, 1827 final Base64URL dp, final Base64URL dq, final Base64URL qi, 1828 final List<OtherPrimesInfo> oth, 1829 final PrivateKey prv, 1830 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1831 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1832 final Date exp, final Date nbf, final Date iat, 1833 final KeyStore ks) { 1834 1835 this(n, e, d, p, q, dp, dq, qi, oth, prv, use, ops, alg, kid, x5u, x5t, x5t256, x5c, exp, nbf, iat, null, ks); 1836 } 1837 1838 1839 // JWK + private rep 1/2/handle 1840 /** 1841 * Creates a new public / private RSA JSON Web Key (JWK) with the 1842 * specified parameters. The private RSA key can be specified by its 1843 * first representation, its second representation (see RFC 3447, 1844 * section 3.2), or by a PKCS#11 handle as {@link PrivateKey}. 1845 * 1846 * <p>A valid first private RSA key representation must specify the 1847 * {@code d} parameter. 1848 * 1849 * <p>A valid second private RSA key representation must specify all 1850 * required Chinese Remainder Theorem (CRT) parameters - {@code p}, 1851 * {@code q}, {@code dp}, {@code dq} and {@code qi}, else an 1852 * {@link java.lang.IllegalArgumentException} will be thrown. 1853 * 1854 * @param n The modulus value for the public RSA key. It is 1855 * represented as the Base64URL encoding of value's big 1856 * endian representation. Must not be {@code null}. 1857 * @param e The exponent value for the public RSA key. It is 1858 * represented as the Base64URL encoding of value's big 1859 * endian representation. Must not be {@code null}. 1860 * @param d The private exponent. It is represented as the Base64URL 1861 * encoding of the value's big endian representation. May 1862 * be {@code null}. 1863 * @param p The first prime factor. It is represented as the 1864 * Base64URL encoding of the value's big endian 1865 * representation. May be {@code null}. 1866 * @param q The second prime factor. It is represented as the 1867 * Base64URL encoding of the value's big endian 1868 * representation. May be {@code null}. 1869 * @param dp The first factor Chinese Remainder Theorem exponent. It 1870 * is represented as the Base64URL encoding of the value's 1871 * big endian representation. May be {@code null}. 1872 * @param dq The second factor Chinese Remainder Theorem exponent. It 1873 * is represented as the Base64URL encoding of the value's 1874 * big endian representation. May be {@code null}. 1875 * @param qi The first Chinese Remainder Theorem coefficient. It is 1876 * represented as the Base64URL encoding of the value's big 1877 * endian representation. May be {@code null}. 1878 * @param oth The other primes information, should they exist, 1879 * {@code null} or an empty list if not specified. 1880 * @param prv The PKCS#11 handle as {@link PrivateKey}. May be 1881 * {@code null}. 1882 * @param use The key use, {@code null} if not specified or if the key 1883 * is intended for signing as well as encryption. 1884 * @param ops The key operations, {@code null} if not specified. 1885 * @param alg The intended JOSE algorithm for the key, {@code null} if 1886 * not specified. 1887 * @param kid The key ID, {@code null} if not specified. 1888 * @param x5u The X.509 certificate URL, {@code null} if not specified. 1889 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1890 * if not specified. 1891 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 1892 * if not specified. 1893 * @param x5c The X.509 certificate chain, {@code null} if not 1894 * specified. 1895 * @param exp The key expiration time, {@code null} if not 1896 * specified. 1897 * @param nbf The key not-before time, {@code null} if not 1898 * specified. 1899 * @param iat The key issued-at time, {@code null} if not specified. 1900 * @param revocation The key revocation, {@code null} if not specified. 1901 * @param ks Reference to the underlying key store, {@code null} if 1902 * not specified. 1903 */ 1904 public RSAKey(final Base64URL n, final Base64URL e, 1905 final Base64URL d, 1906 final Base64URL p, final Base64URL q, 1907 final Base64URL dp, final Base64URL dq, final Base64URL qi, 1908 final List<OtherPrimesInfo> oth, 1909 final PrivateKey prv, 1910 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 1911 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 1912 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 1913 final KeyStore ks) { 1914 1915 super(KeyType.RSA, use, ops, alg, kid, x5u, x5t, x5t256, x5c, exp, nbf, iat, revocation, ks); 1916 1917 1918 // Ensure the public params are defined 1919 1920 this.n = Objects.requireNonNull(n, "The modulus value must not be null"); 1921 this.e = Objects.requireNonNull(e, "The public exponent value must not be null"); 1922 1923 if (getParsedX509CertChain() != null) { 1924 if (! matches(getParsedX509CertChain().get(0))) 1925 throw new IllegalArgumentException("The public subject key info of the first X.509 certificate in the chain must match the JWK type and public parameters"); 1926 } 1927 1928 // Private params, 1st representation 1929 1930 this.d = d; 1931 1932 1933 // Private params, 2nd representation, check for consistency 1934 1935 if (p != null && q != null && dp != null && dq != null && qi != null) { 1936 1937 // CRT params fully specified 1938 this.p = p; 1939 this.q = q; 1940 this.dp = dp; 1941 this.dq = dq; 1942 this.qi = qi; 1943 1944 // Other RSA primes info optional, default to empty list 1945 if (oth != null) { 1946 this.oth = Collections.unmodifiableList(oth); 1947 } else { 1948 this.oth = Collections.emptyList(); 1949 } 1950 1951 } else if (p == null && q == null && dp == null && dq == null && qi == null && oth == null) { 1952 1953 // No CRT params 1954 this.p = null; 1955 this.q = null; 1956 this.dp = null; 1957 this.dq = null; 1958 this.qi = null; 1959 1960 this.oth = Collections.emptyList(); 1961 1962 } else if (p != null || q != null || dp != null || dq != null || qi != null) { 1963 1964 Objects.requireNonNull(p, "Incomplete second private (CRT) representation: The first prime factor must not be null"); 1965 Objects.requireNonNull(q, "Incomplete second private (CRT) representation: The second prime factor must not be null"); 1966 Objects.requireNonNull(dp, "Incomplete second private (CRT) representation: The first factor CRT exponent must not be null"); 1967 Objects.requireNonNull(dq, "Incomplete second private (CRT) representation: The second factor CRT exponent must not be null"); 1968 throw new IllegalArgumentException("Incomplete second private (CRT) representation: The first CRT coefficient must not be null"); 1969 } else { 1970 // No CRT params 1971 this.p = null; 1972 this.q = null; 1973 this.dp = null; 1974 this.dq = null; 1975 this.qi = null; 1976 this.oth = Collections.emptyList(); 1977 } 1978 1979 this.privateKey = prv; // PKCS#11 handle 1980 } 1981 1982 1983 /** 1984 * Creates a new public RSA JSON Web Key (JWK) with the specified 1985 * parameters. 1986 * 1987 * @param pub The public RSA key to represent. Must not be 1988 * {@code null}. 1989 * @param use The key use, {@code null} if not specified or if the 1990 * key is intended for signing as well as encryption. 1991 * @param ops The key operations, {@code null} if not specified. 1992 * @param alg The intended JOSE algorithm for the key, {@code null} 1993 * if not specified. 1994 * @param kid The key ID, {@code null} if not specified. 1995 * @param x5u The X.509 certificate URL, {@code null} if not 1996 * specified. 1997 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 1998 * if not specified. 1999 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2000 * if not specified. 2001 * @param x5c The X.509 certificate chain, {@code null} if not 2002 * specified. 2003 * @param ks Reference to the underlying key store, {@code null} if 2004 * not specified. 2005 */ 2006 @Deprecated 2007 public RSAKey(final RSAPublicKey pub, 2008 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2009 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2010 final KeyStore ks) { 2011 2012 this(pub, use, ops, alg, kid, x5u, x5t, x5t256, x5c, null, null, null, ks); 2013 } 2014 2015 2016 /** 2017 * Creates a new public RSA JSON Web Key (JWK) with the specified 2018 * parameters. 2019 * 2020 * @param pub The public RSA key to represent. Must not be 2021 * {@code null}. 2022 * @param use The key use, {@code null} if not specified or if the 2023 * key is intended for signing as well as encryption. 2024 * @param ops The key operations, {@code null} if not specified. 2025 * @param alg The intended JOSE algorithm for the key, {@code null} 2026 * if not specified. 2027 * @param kid The key ID, {@code null} if not specified. 2028 * @param x5u The X.509 certificate URL, {@code null} if not 2029 * specified. 2030 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2031 * if not specified. 2032 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2033 * if not specified. 2034 * @param x5c The X.509 certificate chain, {@code null} if not 2035 * specified. 2036 * @param exp The key expiration time, {@code null} if not 2037 * specified. 2038 * @param nbf The key not-before time, {@code null} if not 2039 * specified. 2040 * @param iat The key issued-at time, {@code null} if not specified. 2041 * @param ks Reference to the underlying key store, {@code null} if 2042 * not specified. 2043 */ 2044 @Deprecated 2045 public RSAKey(final RSAPublicKey pub, 2046 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2047 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2048 final Date exp, final Date nbf, final Date iat, 2049 final KeyStore ks) { 2050 2051 this(pub, use, ops, alg, kid, x5u, x5t, x5t256, x5c, exp, nbf, iat, null, ks); 2052 } 2053 2054 2055 // Java public 2056 /** 2057 * Creates a new public RSA JSON Web Key (JWK) with the specified 2058 * parameters. 2059 * 2060 * @param pub The public RSA key to represent. Must not be 2061 * {@code null}. 2062 * @param use The key use, {@code null} if not specified or if 2063 * the key is intended for signing as well as 2064 * encryption. 2065 * @param ops The key operations, {@code null} if not specified. 2066 * @param alg The intended JOSE algorithm for the key, 2067 * {@code null} if not specified. 2068 * @param kid The key ID, {@code null} if not specified. 2069 * @param x5u The X.509 certificate URL, {@code null} if not 2070 * specified. 2071 * @param x5t The X.509 certificate SHA-1 thumbprint, 2072 * {@code null} if not specified. 2073 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 2074 * {@code null} if not specified. 2075 * @param x5c The X.509 certificate chain, {@code null} if not 2076 * specified. 2077 * @param exp The key expiration time, {@code null} if not 2078 * specified. 2079 * @param nbf The key not-before time, {@code null} if not 2080 * specified. 2081 * @param iat The key issued-at time, {@code null} if not 2082 * specified. 2083 * @param revocation The key revocation, {@code null} if not specified. 2084 * @param ks Reference to the underlying key store, 2085 * {@code null} if not specified. 2086 */ 2087 public RSAKey(final RSAPublicKey pub, 2088 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2089 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2090 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 2091 final KeyStore ks) { 2092 2093 this(Base64URL.encode(pub.getModulus()), 2094 Base64URL.encode(pub.getPublicExponent()), 2095 use, ops, alg, kid, 2096 x5u, x5t, x5t256, x5c, 2097 exp, nbf, iat, revocation, 2098 ks); 2099 } 2100 2101 2102 /** 2103 * Creates a new public / private RSA JSON Web Key (JWK) with the 2104 * specified parameters. The private RSA key is specified by its first 2105 * representation (see RFC 3447, section 3.2). 2106 * 2107 * @param pub The public RSA key to represent. Must not be 2108 * {@code null}. 2109 * @param priv The private RSA key to represent. Must not be 2110 * {@code null}. 2111 * @param use The key use, {@code null} if not specified or if the 2112 * key is intended for signing as well as encryption. 2113 * @param ops The key operations, {@code null} if not specified. 2114 * @param alg The intended JOSE algorithm for the key, {@code null} 2115 * if not specified. 2116 * @param kid The key ID, {@code null} if not specified. 2117 * @param x5u The X.509 certificate URL, {@code null} if not 2118 * specified. 2119 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2120 * if not specified. 2121 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2122 * if not specified. 2123 * @param x5c The X.509 certificate chain, {@code null} if not 2124 * specified. 2125 * @param ks Reference to the underlying key store, {@code null} if 2126 * not specified. 2127 */ 2128 @Deprecated 2129 public RSAKey(final RSAPublicKey pub, final RSAPrivateKey priv, 2130 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2131 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2132 final KeyStore ks) { 2133 2134 this(pub, priv, use, ops, alg, kid, x5u, x5t, x5t256, x5c, null, null, null, ks); 2135 } 2136 2137 2138 /** 2139 * Creates a new public / private RSA JSON Web Key (JWK) with the 2140 * specified parameters. The private RSA key is specified by its first 2141 * representation (see RFC 3447, section 3.2). 2142 * 2143 * @param pub The public RSA key to represent. Must not be 2144 * {@code null}. 2145 * @param priv The private RSA key to represent. Must not be 2146 * {@code null}. 2147 * @param use The key use, {@code null} if not specified or if the 2148 * key is intended for signing as well as encryption. 2149 * @param ops The key operations, {@code null} if not specified. 2150 * @param alg The intended JOSE algorithm for the key, {@code null} 2151 * if not specified. 2152 * @param kid The key ID, {@code null} if not specified. 2153 * @param x5u The X.509 certificate URL, {@code null} if not 2154 * specified. 2155 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2156 * if not specified. 2157 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2158 * if not specified. 2159 * @param x5c The X.509 certificate chain, {@code null} if not 2160 * specified. 2161 * @param exp The key expiration time, {@code null} if not 2162 * specified. 2163 * @param nbf The key not-before time, {@code null} if not 2164 * specified. 2165 * @param iat The key issued-at time, {@code null} if not specified. 2166 * @param ks Reference to the underlying key store, {@code null} if 2167 * not specified. 2168 */ 2169 @Deprecated 2170 public RSAKey(final RSAPublicKey pub, final RSAPrivateKey priv, 2171 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2172 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2173 final Date exp, final Date nbf, final Date iat, 2174 final KeyStore ks) { 2175 2176 this(pub, priv, use, ops, alg, kid, x5u, x5t, x5t256, x5c, exp, nbf, iat, null, ks); 2177 } 2178 2179 2180 // Java public + private rep 1 2181 /** 2182 * Creates a new public / private RSA JSON Web Key (JWK) with the 2183 * specified parameters. The private RSA key is specified by its first 2184 * representation (see RFC 3447, section 3.2). 2185 * 2186 * @param pub The public RSA key to represent. Must not be 2187 * {@code null}. 2188 * @param priv The private RSA key to represent. Must not be 2189 * {@code null}. 2190 * @param use The key use, {@code null} if not specified or if 2191 * the key is intended for signing as well as 2192 * encryption. 2193 * @param ops The key operations, {@code null} if not specified. 2194 * @param alg The intended JOSE algorithm for the key, 2195 * {@code null} if not specified. 2196 * @param kid The key ID, {@code null} if not specified. 2197 * @param x5u The X.509 certificate URL, {@code null} if not 2198 * specified. 2199 * @param x5t The X.509 certificate SHA-1 thumbprint, 2200 * {@code null} if not specified. 2201 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 2202 * {@code null} if not specified. 2203 * @param x5c The X.509 certificate chain, {@code null} if not 2204 * specified. 2205 * @param exp The key expiration time, {@code null} if not 2206 * specified. 2207 * @param nbf The key not-before time, {@code null} if not 2208 * specified. 2209 * @param iat The key issued-at time, {@code null} if not 2210 * specified. 2211 * @param revocation The key revocation, {@code null} if not specified. 2212 * @param ks Reference to the underlying key store, 2213 * {@code null} if not specified. 2214 */ 2215 public RSAKey(final RSAPublicKey pub, final RSAPrivateKey priv, 2216 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2217 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2218 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 2219 final KeyStore ks) { 2220 2221 this(Base64URL.encode(pub.getModulus()), 2222 Base64URL.encode(pub.getPublicExponent()), 2223 Base64URL.encode(priv.getPrivateExponent()), 2224 use, ops, alg, kid, 2225 x5u, x5t, x5t256, x5c, 2226 exp, nbf, iat, revocation, 2227 ks); 2228 } 2229 2230 2231 /** 2232 * Creates a new public / private RSA JSON Web Key (JWK) with the 2233 * specified parameters. The private RSA key is specified by its second 2234 * representation (see RFC 3447, section 3.2). 2235 * 2236 * @param pub The public RSA key to represent. Must not be 2237 * {@code null}. 2238 * @param priv The private RSA key to represent. Must not be 2239 * {@code null}. 2240 * @param use The key use, {@code null} if not specified or if the 2241 * key is intended for signing as well as encryption. 2242 * @param ops The key operations, {@code null} if not specified. 2243 * @param alg The intended JOSE algorithm for the key, {@code null} 2244 * if not specified. 2245 * @param kid The key ID, {@code null} if not specified. 2246 * @param x5u The X.509 certificate URL, {@code null} if not 2247 * specified. 2248 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2249 * if not specified. 2250 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2251 * if not specified. 2252 * @param x5c The X.509 certificate chain, {@code null} if not 2253 * specified. 2254 * @param ks Reference to the underlying key store, {@code null} if 2255 * not specified. 2256 */ 2257 @Deprecated 2258 public RSAKey(final RSAPublicKey pub, final RSAPrivateCrtKey priv, 2259 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2260 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2261 final KeyStore ks) { 2262 2263 this(pub, priv, use, ops, alg, kid, x5u, x5t, x5t256, x5c, null, null, null, ks); 2264 } 2265 2266 2267 /** 2268 * Creates a new public / private RSA JSON Web Key (JWK) with the 2269 * specified parameters. The private RSA key is specified by its second 2270 * representation (see RFC 3447, section 3.2). 2271 * 2272 * @param pub The public RSA key to represent. Must not be 2273 * {@code null}. 2274 * @param priv The private RSA key to represent. Must not be 2275 * {@code null}. 2276 * @param use The key use, {@code null} if not specified or if the 2277 * key is intended for signing as well as encryption. 2278 * @param ops The key operations, {@code null} if not specified. 2279 * @param alg The intended JOSE algorithm for the key, {@code null} 2280 * if not specified. 2281 * @param kid The key ID, {@code null} if not specified. 2282 * @param x5u The X.509 certificate URL, {@code null} if not 2283 * specified. 2284 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2285 * if not specified. 2286 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2287 * if not specified. 2288 * @param x5c The X.509 certificate chain, {@code null} if not 2289 * specified. 2290 * @param exp The key expiration time, {@code null} if not 2291 * specified. 2292 * @param nbf The key not-before time, {@code null} if not 2293 * specified. 2294 * @param iat The key issued-at time, {@code null} if not specified. 2295 * @param ks Reference to the underlying key store, {@code null} if 2296 * not specified. 2297 */ 2298 @Deprecated 2299 public RSAKey(final RSAPublicKey pub, final RSAPrivateCrtKey priv, 2300 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2301 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2302 final Date exp, final Date nbf, final Date iat, 2303 final KeyStore ks) { 2304 2305 this(Base64URL.encode(pub.getModulus()), 2306 Base64URL.encode(pub.getPublicExponent()), 2307 Base64URL.encode(priv.getPrivateExponent()), 2308 Base64URL.encode(priv.getPrimeP()), 2309 Base64URL.encode(priv.getPrimeQ()), 2310 Base64URL.encode(priv.getPrimeExponentP()), 2311 Base64URL.encode(priv.getPrimeExponentQ()), 2312 Base64URL.encode(priv.getCrtCoefficient()), 2313 null, 2314 null, 2315 use, ops, alg, kid, 2316 x5u, x5t, x5t256, x5c, 2317 exp, nbf, iat, 2318 ks); 2319 } 2320 2321 2322 // Java public + private rep 2 2323 /** 2324 * Creates a new public / private RSA JSON Web Key (JWK) with the 2325 * specified parameters. The private RSA key is specified by its second 2326 * representation (see RFC 3447, section 3.2). 2327 * 2328 * @param pub The public RSA key to represent. Must not be 2329 * {@code null}. 2330 * @param priv The private RSA key to represent. Must not be 2331 * {@code null}. 2332 * @param use The key use, {@code null} if not specified or if 2333 * the key is intended for signing as well as 2334 * encryption. 2335 * @param ops The key operations, {@code null} if not specified. 2336 * @param alg The intended JOSE algorithm for the key, 2337 * {@code null} if not specified. 2338 * @param kid The key ID, {@code null} if not specified. 2339 * @param x5u The X.509 certificate URL, {@code null} if not 2340 * specified. 2341 * @param x5t The X.509 certificate SHA-1 thumbprint, 2342 * {@code null} if not specified. 2343 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 2344 * {@code null} if not specified. 2345 * @param x5c The X.509 certificate chain, {@code null} if not 2346 * specified. 2347 * @param exp The key expiration time, {@code null} if not 2348 * specified. 2349 * @param nbf The key not-before time, {@code null} if not 2350 * specified. 2351 * @param iat The key issued-at time, {@code null} if not 2352 * specified. 2353 * @param revocation The key revocation, {@code null} if not specified. 2354 * @param ks Reference to the underlying key store, 2355 * {@code null} if not specified. 2356 */ 2357 public RSAKey(final RSAPublicKey pub, final RSAPrivateCrtKey priv, 2358 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2359 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2360 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 2361 final KeyStore ks) { 2362 2363 this(Base64URL.encode(pub.getModulus()), 2364 Base64URL.encode(pub.getPublicExponent()), 2365 Base64URL.encode(priv.getPrivateExponent()), 2366 Base64URL.encode(priv.getPrimeP()), 2367 Base64URL.encode(priv.getPrimeQ()), 2368 Base64URL.encode(priv.getPrimeExponentP()), 2369 Base64URL.encode(priv.getPrimeExponentQ()), 2370 Base64URL.encode(priv.getCrtCoefficient()), 2371 null, 2372 null, 2373 use, ops, alg, kid, 2374 x5u, x5t, x5t256, x5c, 2375 exp, nbf, iat, revocation, 2376 ks); 2377 } 2378 2379 2380 /** 2381 * Creates a new public / private RSA JSON Web Key (JWK) with the 2382 * specified parameters. The private RSA key is specified by its second 2383 * representation, with optional other primes info (see RFC 3447, 2384 * section 3.2). 2385 * 2386 * @param pub The public RSA key to represent. Must not be 2387 * {@code null}. 2388 * @param priv The private RSA key to represent. Must not be 2389 * {@code null}. 2390 * @param use The key use, {@code null} if not specified or if the 2391 * key is intended for signing as well as encryption. 2392 * @param ops The key operations, {@code null} if not specified. 2393 * @param alg The intended JOSE algorithm for the key, {@code null} 2394 * if not specified. 2395 * @param kid The key ID, {@code null} if not specified. 2396 * @param x5u The X.509 certificate URL, {@code null} if not 2397 * specified. 2398 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2399 * if not specified. 2400 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2401 * if not specified. 2402 * @param x5c The X.509 certificate chain, {@code null} if not 2403 * specified. 2404 * @param ks Reference to the underlying key store, {@code null} if 2405 * not specified. 2406 */ 2407 @Deprecated 2408 public RSAKey(final RSAPublicKey pub, final RSAMultiPrimePrivateCrtKey priv, 2409 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2410 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2411 final KeyStore ks) { 2412 2413 this(pub, priv, use, ops, alg, kid, x5u, x5t, x5t256, x5c, null, null, null, ks); 2414 } 2415 2416 2417 /** 2418 * Creates a new public / private RSA JSON Web Key (JWK) with the 2419 * specified parameters. The private RSA key is specified by its second 2420 * representation, with optional other primes info (see RFC 3447, 2421 * section 3.2). 2422 * 2423 * @param pub The public RSA key to represent. Must not be 2424 * {@code null}. 2425 * @param priv The private RSA key to represent. Must not be 2426 * {@code null}. 2427 * @param use The key use, {@code null} if not specified or if the 2428 * key is intended for signing as well as encryption. 2429 * @param ops The key operations, {@code null} if not specified. 2430 * @param alg The intended JOSE algorithm for the key, {@code null} 2431 * if not specified. 2432 * @param kid The key ID, {@code null} if not specified. 2433 * @param x5u The X.509 certificate URL, {@code null} if not 2434 * specified. 2435 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2436 * if not specified. 2437 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2438 * if not specified. 2439 * @param x5c The X.509 certificate chain, {@code null} if not 2440 * specified. 2441 * @param exp The key expiration time, {@code null} if not 2442 * specified. 2443 * @param nbf The key not-before time, {@code null} if not 2444 * specified. 2445 * @param iat The key issued-at time, {@code null} if not specified. 2446 * @param ks Reference to the underlying key store, {@code null} if 2447 * not specified. 2448 */ 2449 @Deprecated 2450 public RSAKey(final RSAPublicKey pub, final RSAMultiPrimePrivateCrtKey priv, 2451 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2452 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2453 final Date exp, final Date nbf, final Date iat, 2454 final KeyStore ks) { 2455 2456 this(Base64URL.encode(pub.getModulus()), 2457 Base64URL.encode(pub.getPublicExponent()), 2458 Base64URL.encode(priv.getPrivateExponent()), 2459 Base64URL.encode(priv.getPrimeP()), 2460 Base64URL.encode(priv.getPrimeQ()), 2461 Base64URL.encode(priv.getPrimeExponentP()), 2462 Base64URL.encode(priv.getPrimeExponentQ()), 2463 Base64URL.encode(priv.getCrtCoefficient()), 2464 OtherPrimesInfo.toList(priv.getOtherPrimeInfo()), 2465 null, 2466 use, ops, alg, kid, 2467 x5u, x5t, x5t256, x5c, 2468 exp, nbf, iat, 2469 ks); 2470 } 2471 2472 2473 // Java public + private rep 2 other 2474 /** 2475 * Creates a new public / private RSA JSON Web Key (JWK) with the 2476 * specified parameters. The private RSA key is specified by its second 2477 * representation, with optional other primes info (see RFC 3447, 2478 * section 3.2). 2479 * 2480 * @param pub The public RSA key to represent. Must not be 2481 * {@code null}. 2482 * @param priv The private RSA key to represent. Must not be 2483 * {@code null}. 2484 * @param use The key use, {@code null} if not specified or if 2485 * the key is intended for signing as well as 2486 * encryption. 2487 * @param ops The key operations, {@code null} if not specified. 2488 * @param alg The intended JOSE algorithm for the key, 2489 * {@code null} if not specified. 2490 * @param kid The key ID, {@code null} if not specified. 2491 * @param x5u The X.509 certificate URL, {@code null} if not 2492 * specified. 2493 * @param x5t The X.509 certificate SHA-1 thumbprint, 2494 * {@code null} if not specified. 2495 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 2496 * {@code null} if not specified. 2497 * @param x5c The X.509 certificate chain, {@code null} if not 2498 * specified. 2499 * @param exp The key expiration time, {@code null} if not 2500 * specified. 2501 * @param nbf The key not-before time, {@code null} if not 2502 * specified. 2503 * @param iat The key issued-at time, {@code null} if not 2504 * specified. 2505 * @param revocation The key revocation, {@code null} if not specified. 2506 * @param ks Reference to the underlying key store, 2507 * {@code null} if not specified. 2508 */ 2509 public RSAKey(final RSAPublicKey pub, final RSAMultiPrimePrivateCrtKey priv, 2510 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2511 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2512 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 2513 final KeyStore ks) { 2514 2515 this(Base64URL.encode(pub.getModulus()), 2516 Base64URL.encode(pub.getPublicExponent()), 2517 Base64URL.encode(priv.getPrivateExponent()), 2518 Base64URL.encode(priv.getPrimeP()), 2519 Base64URL.encode(priv.getPrimeQ()), 2520 Base64URL.encode(priv.getPrimeExponentP()), 2521 Base64URL.encode(priv.getPrimeExponentQ()), 2522 Base64URL.encode(priv.getCrtCoefficient()), 2523 OtherPrimesInfo.toList(priv.getOtherPrimeInfo()), 2524 null, 2525 use, ops, alg, kid, 2526 x5u, x5t, x5t256, x5c, 2527 exp, nbf, iat, revocation, 2528 ks); 2529 } 2530 2531 2532 /** 2533 * Creates a new public / private RSA JSON Web Key (JWK) with the 2534 * specified parameters. The private RSA key is specified by a PKCS#11 2535 * handle. 2536 * 2537 * @param pub The public RSA key to represent. Must not be 2538 * {@code null}. 2539 * @param priv The private RSA key as PKCS#11 handle, {@code null} if 2540 * not specified. 2541 * @param use The key use, {@code null} if not specified or if the 2542 * key is intended for signing as well as encryption. 2543 * @param ops The key operations, {@code null} if not specified. 2544 * @param alg The intended JOSE algorithm for the key, {@code null} 2545 * if not specified. 2546 * @param kid The key ID, {@code null} if not specified. 2547 * @param x5u The X.509 certificate URL, {@code null} if not 2548 * specified. 2549 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2550 * if not specified. 2551 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2552 * if not specified. 2553 * @param x5c The X.509 certificate chain, {@code null} if not 2554 * specified. 2555 * @param ks Reference to the underlying key store, {@code null} if 2556 * not specified. 2557 */ 2558 @Deprecated 2559 public RSAKey(final RSAPublicKey pub, final PrivateKey priv, 2560 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2561 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2562 final KeyStore ks) { 2563 2564 this(pub, priv, use, ops, alg, kid, x5u, x5t, x5t256, x5c, null, null, null, ks); 2565 } 2566 2567 2568 /** 2569 * Creates a new public / private RSA JSON Web Key (JWK) with the 2570 * specified parameters. The private RSA key is specified by a PKCS#11 2571 * handle. 2572 * 2573 * @param pub The public RSA key to represent. Must not be 2574 * {@code null}. 2575 * @param priv The private RSA key as PKCS#11 handle, {@code null} if 2576 * not specified. 2577 * @param use The key use, {@code null} if not specified or if the 2578 * key is intended for signing as well as encryption. 2579 * @param ops The key operations, {@code null} if not specified. 2580 * @param alg The intended JOSE algorithm for the key, {@code null} 2581 * if not specified. 2582 * @param kid The key ID, {@code null} if not specified. 2583 * @param x5u The X.509 certificate URL, {@code null} if not 2584 * specified. 2585 * @param x5t The X.509 certificate SHA-1 thumbprint, {@code null} 2586 * if not specified. 2587 * @param x5t256 The X.509 certificate SHA-256 thumbprint, {@code null} 2588 * if not specified. 2589 * @param x5c The X.509 certificate chain, {@code null} if not 2590 * specified. 2591 * @param exp The key expiration time, {@code null} if not 2592 * specified. 2593 * @param nbf The key not-before time, {@code null} if not 2594 * specified. 2595 * @param iat The key issued-at time, {@code null} if not specified. 2596 * @param ks Reference to the underlying key store, {@code null} if 2597 * not specified. 2598 */ 2599 @Deprecated 2600 public RSAKey(final RSAPublicKey pub, final PrivateKey priv, 2601 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2602 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2603 final Date exp, final Date nbf, final Date iat, 2604 final KeyStore ks) { 2605 2606 this(pub, priv, use, ops, alg, kid, x5u, x5t, x5t256, x5c, exp, nbf, iat, null, ks); 2607 } 2608 2609 2610 // Java public + private handle 2611 /** 2612 * Creates a new public / private RSA JSON Web Key (JWK) with the 2613 * specified parameters. The private RSA key is specified by a PKCS#11 2614 * handle. 2615 * 2616 * @param pub The public RSA key to represent. Must not be 2617 * {@code null}. 2618 * @param priv The private RSA key as PKCS#11 handle, 2619 * {@code null} if not specified. 2620 * @param use The key use, {@code null} if not specified or if 2621 * the key is intended for signing as well as 2622 * encryption. 2623 * @param ops The key operations, {@code null} if not specified. 2624 * @param alg The intended JOSE algorithm for the key, 2625 * {@code null} if not specified. 2626 * @param kid The key ID, {@code null} if not specified. 2627 * @param x5u The X.509 certificate URL, {@code null} if not 2628 * specified. 2629 * @param x5t The X.509 certificate SHA-1 thumbprint, 2630 * {@code null} if not specified. 2631 * @param x5t256 The X.509 certificate SHA-256 thumbprint, 2632 * {@code null} if not specified. 2633 * @param x5c The X.509 certificate chain, {@code null} if not 2634 * specified. 2635 * @param exp The key expiration time, {@code null} if not 2636 * specified. 2637 * @param nbf The key not-before time, {@code null} if not 2638 * specified. 2639 * @param iat The key issued-at time, {@code null} if not 2640 * specified. 2641 * @param revocation The key revocation, {@code null} if not specified. 2642 * @param ks Reference to the underlying key store, 2643 * {@code null} if not specified. 2644 */ 2645 public RSAKey(final RSAPublicKey pub, final PrivateKey priv, 2646 final KeyUse use, final Set<KeyOperation> ops, final Algorithm alg, final String kid, 2647 final URI x5u, final Base64URL x5t, final Base64URL x5t256, final List<Base64> x5c, 2648 final Date exp, final Date nbf, final Date iat, final KeyRevocation revocation, 2649 final KeyStore ks) { 2650 2651 this(Base64URL.encode(pub.getModulus()), 2652 Base64URL.encode(pub.getPublicExponent()), 2653 null, 2654 null, 2655 null, 2656 null, 2657 null, 2658 null, 2659 null, 2660 priv, 2661 use, ops, alg, kid, 2662 x5u, x5t, x5t256, x5c, 2663 exp, nbf, iat, revocation, 2664 ks); 2665 } 2666 2667 2668 /** 2669 * Gets the modulus value ({@code n}) of the RSA key. 2670 * 2671 * @return The RSA key modulus. It is represented as the Base64URL 2672 * encoding of the value's big endian representation. 2673 */ 2674 public Base64URL getModulus() { 2675 2676 return n; 2677 } 2678 2679 2680 /** 2681 * Gets the public exponent ({@code e}) of the RSA key. 2682 * 2683 * @return The public RSA key exponent. It is represented as the 2684 * Base64URL encoding of the value's big endian representation. 2685 */ 2686 public Base64URL getPublicExponent() { 2687 2688 return e; 2689 } 2690 2691 2692 /** 2693 * Gets the private exponent ({@code d}) of the RSA key. 2694 * 2695 * @return The private RSA key exponent. It is represented as the 2696 * Base64URL encoding of the value's big endian representation. 2697 * {@code null} if not specified (for a public key or a private 2698 * key using the second representation only). 2699 */ 2700 public Base64URL getPrivateExponent() { 2701 2702 return d; 2703 } 2704 2705 2706 /** 2707 * Gets the first prime factor ({@code p}) of the private RSA key. 2708 * 2709 * @return The RSA first prime factor. It is represented as the 2710 * Base64URL encoding of the value's big endian representation. 2711 * {@code null} if not specified (for a public key or a private 2712 * key using the first representation only). 2713 */ 2714 public Base64URL getFirstPrimeFactor() { 2715 2716 return p; 2717 } 2718 2719 2720 /** 2721 * Gets the second prime factor ({@code q}) of the private RSA key. 2722 * 2723 * @return The RSA second prime factor. It is represented as the 2724 * Base64URL encoding of the value's big endian representation. 2725 * {@code null} if not specified (for a public key or a private 2726 * key using the first representation only). 2727 */ 2728 public Base64URL getSecondPrimeFactor() { 2729 2730 return q; 2731 } 2732 2733 2734 /** 2735 * Gets the first factor Chinese Remainder Theorem (CRT) exponent 2736 * ({@code dp}) of the private RSA key. 2737 * 2738 * @return The RSA first factor CRT exponent. It is represented as the 2739 * Base64URL encoding of the value's big endian representation. 2740 * {@code null} if not specified (for a public key or a private 2741 * key using the first representation only). 2742 */ 2743 public Base64URL getFirstFactorCRTExponent() { 2744 2745 return dp; 2746 } 2747 2748 2749 /** 2750 * Gets the second factor Chinese Remainder Theorem (CRT) exponent 2751 * ({@code dq}) of the private RSA key. 2752 * 2753 * @return The RSA second factor CRT exponent. It is represented as the 2754 * Base64URL encoding of the value's big endian representation. 2755 * {@code null} if not specified (for a public key or a private 2756 * key using the first representation only). 2757 */ 2758 public Base64URL getSecondFactorCRTExponent() { 2759 2760 return dq; 2761 } 2762 2763 2764 /** 2765 * Gets the first Chinese Remainder Theorem (CRT) coefficient 2766 * ({@code qi})} of the private RSA key. 2767 * 2768 * @return The RSA first CRT coefficient. It is represented as the 2769 * Base64URL encoding of the value's big endian representation. 2770 * {@code null} if not specified (for a public key or a private 2771 * key using the first representation only). 2772 */ 2773 public Base64URL getFirstCRTCoefficient() { 2774 2775 return qi; 2776 } 2777 2778 2779 /** 2780 * Gets the other primes information ({@code oth}) for the private RSA 2781 * key, should they exist. 2782 * 2783 * @return The RSA other primes information, {@code null} or empty list 2784 * if not specified. 2785 */ 2786 public List<OtherPrimesInfo> getOtherPrimes() { 2787 2788 return oth; 2789 } 2790 2791 2792 /** 2793 * Returns a standard {@code java.security.interfaces.RSAPublicKey} 2794 * representation of this RSA JWK. 2795 * 2796 * @return The public RSA key. 2797 * 2798 * @throws JOSEException If RSA is not supported by the underlying Java 2799 * Cryptography (JCA) provider or if the JWK 2800 * parameters are invalid for a public RSA key. 2801 */ 2802 public RSAPublicKey toRSAPublicKey() 2803 throws JOSEException { 2804 2805 BigInteger modulus = n.decodeToBigInteger(); 2806 BigInteger exponent = e.decodeToBigInteger(); 2807 2808 RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus, exponent); 2809 2810 try { 2811 KeyFactory factory = KeyFactory.getInstance("RSA"); 2812 2813 return (RSAPublicKey) factory.generatePublic(spec); 2814 2815 } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { 2816 2817 throw new JOSEException(e.getMessage(), e); 2818 } 2819 } 2820 2821 2822 /** 2823 * Returns a standard {@code java.security.interfaces.RSAPrivateKey} 2824 * representation of this RSA JWK. 2825 * 2826 * @return The private RSA key, {@code null} if not specified by this 2827 * JWK. 2828 * 2829 * @throws JOSEException If RSA is not supported by the underlying Java 2830 * Cryptography (JCA) provider or if the JWK 2831 * parameters are invalid for a private RSA key. 2832 */ 2833 public RSAPrivateKey toRSAPrivateKey() 2834 throws JOSEException { 2835 2836 if (d == null) { 2837 // no private key 2838 return null; 2839 } 2840 2841 BigInteger modulus = n.decodeToBigInteger(); 2842 BigInteger privateExponent = d.decodeToBigInteger(); 2843 2844 RSAPrivateKeySpec spec; 2845 2846 if (p == null) { 2847 // Use 1st representation 2848 spec = new RSAPrivateKeySpec(modulus, privateExponent); 2849 2850 } else { 2851 // Use 2nd (CRT) representation 2852 BigInteger publicExponent = e.decodeToBigInteger(); 2853 BigInteger primeP = p.decodeToBigInteger(); 2854 BigInteger primeQ = q.decodeToBigInteger(); 2855 BigInteger primeExponentP = dp.decodeToBigInteger(); 2856 BigInteger primeExponentQ = dq.decodeToBigInteger(); 2857 BigInteger crtCoefficient = qi.decodeToBigInteger(); 2858 2859 if (oth != null && ! oth.isEmpty()) { 2860 // Construct other info spec 2861 RSAOtherPrimeInfo[] otherInfo = new RSAOtherPrimeInfo[oth.size()]; 2862 2863 for (int i=0; i < oth.size(); i++) { 2864 2865 OtherPrimesInfo opi = oth.get(i); 2866 2867 BigInteger otherPrime = opi.getPrimeFactor().decodeToBigInteger(); 2868 BigInteger otherPrimeExponent = opi.getFactorCRTExponent().decodeToBigInteger(); 2869 BigInteger otherCrtCoefficient = opi.getFactorCRTCoefficient().decodeToBigInteger(); 2870 2871 otherInfo[i] = new RSAOtherPrimeInfo(otherPrime, 2872 otherPrimeExponent, 2873 otherCrtCoefficient); 2874 } 2875 2876 spec = new RSAMultiPrimePrivateCrtKeySpec(modulus, 2877 publicExponent, 2878 privateExponent, 2879 primeP, 2880 primeQ, 2881 primeExponentP, 2882 primeExponentQ, 2883 crtCoefficient, 2884 otherInfo); 2885 } else { 2886 // Construct spec with no other info 2887 spec = new RSAPrivateCrtKeySpec(modulus, 2888 publicExponent, 2889 privateExponent, 2890 primeP, 2891 primeQ, 2892 primeExponentP, 2893 primeExponentQ, 2894 crtCoefficient); 2895 } 2896 } 2897 2898 try { 2899 KeyFactory factory = KeyFactory.getInstance("RSA"); 2900 2901 return (RSAPrivateKey) factory.generatePrivate(spec); 2902 2903 } catch (InvalidKeySpecException | NoSuchAlgorithmException e) { 2904 2905 throw new JOSEException(e.getMessage(), e); 2906 } 2907 } 2908 2909 2910 @Override 2911 public PublicKey toPublicKey() 2912 throws JOSEException { 2913 2914 return toRSAPublicKey(); 2915 } 2916 2917 2918 @Override 2919 public PrivateKey toPrivateKey() 2920 throws JOSEException { 2921 2922 PrivateKey prv = toRSAPrivateKey(); 2923 2924 if (prv != null) { 2925 // Return private RSA key with key material 2926 return prv; 2927 } 2928 2929 // Return private RSA key as PKCS#11 handle, or null 2930 return privateKey; 2931 } 2932 2933 2934 /** 2935 * Returns a standard {@code java.security.KeyPair} representation of 2936 * this RSA JWK. 2937 * 2938 * @return The RSA key pair. The private RSA key will be {@code null} 2939 * if not specified. 2940 * 2941 * @throws JOSEException If RSA is not supported by the underlying Java 2942 * Cryptography (JCA) provider or if the JWK 2943 * parameters are invalid for a public and / or 2944 * private RSA key. 2945 */ 2946 @Override 2947 public KeyPair toKeyPair() 2948 throws JOSEException { 2949 2950 return new KeyPair(toRSAPublicKey(), toPrivateKey()); 2951 } 2952 2953 2954 @Override 2955 public RSAKey toRevokedJWK(final KeyRevocation keyRevocation) { 2956 2957 if (getKeyRevocation() != null) { 2958 throw new IllegalStateException("Already revoked"); 2959 } 2960 2961 return new RSAKey.Builder(this) 2962 .keyRevocation(Objects.requireNonNull(keyRevocation)) 2963 .build(); 2964 } 2965 2966 2967 @Override 2968 public boolean matches(final X509Certificate cert) { 2969 2970 RSAPublicKey certRSAKey; 2971 try { 2972 certRSAKey = (RSAPublicKey) getParsedX509CertChain().get(0).getPublicKey(); 2973 } catch (ClassCastException ex) { 2974 return false; 2975 } 2976 if (! e.decodeToBigInteger().equals(certRSAKey.getPublicExponent())) { 2977 return false; 2978 } 2979 return n.decodeToBigInteger().equals(certRSAKey.getModulus()); 2980 } 2981 2982 2983 @Override 2984 public LinkedHashMap<String,?> getRequiredParams() { 2985 2986 // Put mandatory params in sorted order 2987 LinkedHashMap<String,String> requiredParams = new LinkedHashMap<>(); 2988 requiredParams.put(JWKParameterNames.RSA_EXPONENT, e.toString()); 2989 requiredParams.put(JWKParameterNames.KEY_TYPE, getKeyType().getValue()); 2990 requiredParams.put(JWKParameterNames.RSA_MODULUS, n.toString()); 2991 return requiredParams; 2992 } 2993 2994 2995 @Override 2996 public boolean isPrivate() { 2997 2998 // Check if 1st or 2nd form params are specified, or PKCS#11 handle 2999 return d != null || p != null || privateKey != null; 3000 } 3001 3002 3003 @Override 3004 public int size() { 3005 3006 try { 3007 return ByteUtils.safeBitLength(n.decode()); 3008 } catch (IntegerOverflowException e) { 3009 throw new ArithmeticException(e.getMessage()); 3010 } 3011 } 3012 3013 3014 /** 3015 * Returns a copy of this RSA JWK with any private values removed. 3016 * 3017 * @return The copied public RSA JWK. 3018 */ 3019 @Override 3020 public RSAKey toPublicJWK() { 3021 3022 return new RSAKey( 3023 getModulus(), getPublicExponent(), 3024 getKeyUse(), getKeyOperations(), getAlgorithm(), getKeyID(), 3025 getX509CertURL(), getX509CertThumbprint(), getX509CertSHA256Thumbprint(), getX509CertChain(), 3026 getExpirationTime(), getNotBeforeTime(), getIssueTime(), getKeyRevocation(), 3027 getKeyStore()); 3028 } 3029 3030 3031 @Override 3032 public Map<String, Object> toJSONObject() { 3033 3034 Map<String, Object> o = super.toJSONObject(); 3035 3036 // Append public RSA key specific attributes 3037 o.put(JWKParameterNames.RSA_MODULUS, n.toString()); 3038 o.put(JWKParameterNames.RSA_EXPONENT, e.toString()); 3039 if (d != null) { 3040 o.put(JWKParameterNames.RSA_PRIVATE_EXPONENT, d.toString()); 3041 } 3042 if (p != null) { 3043 o.put(JWKParameterNames.RSA_FIRST_PRIME_FACTOR, p.toString()); 3044 } 3045 if (q != null) { 3046 o.put(JWKParameterNames.RSA_SECOND_PRIME_FACTOR, q.toString()); 3047 } 3048 if (dp != null) { 3049 o.put(JWKParameterNames.RSA_FIRST_FACTOR_CRT_EXPONENT, dp.toString()); 3050 } 3051 if (dq != null) { 3052 o.put(JWKParameterNames.RSA_SECOND_FACTOR_CRT_EXPONENT, dq.toString()); 3053 } 3054 if (qi != null) { 3055 o.put(JWKParameterNames.RSA_FIRST_CRT_COEFFICIENT, qi.toString()); 3056 } 3057 if (oth != null && !oth.isEmpty()) { 3058 3059 List<Object> a = JSONArrayUtils.newJSONArray(); 3060 3061 for (OtherPrimesInfo other : oth) { 3062 3063 Map<String, Object> oo = JSONObjectUtils.newJSONObject(); 3064 oo.put(JWKParameterNames.RSA_OTHER_PRIMES__PRIME_FACTOR, other.r.toString()); 3065 oo.put(JWKParameterNames.RSA_OTHER_PRIMES__FACTOR_CRT_EXPONENT, other.d.toString()); 3066 oo.put(JWKParameterNames.RSA_OTHER_PRIMES__FACTOR_CRT_COEFFICIENT, other.t.toString()); 3067 3068 a.add(oo); 3069 } 3070 3071 o.put(JWKParameterNames.RSA_OTHER_PRIMES, a); 3072 } 3073 3074 return o; 3075 } 3076 3077 3078 /** 3079 * Parses a public / private RSA JWK from the specified JSON object 3080 * string representation. 3081 * 3082 * @param s The JSON object string to parse. Must not be {@code null}. 3083 * 3084 * @return The public / private RSA JWK. 3085 * 3086 * @throws ParseException If the string couldn't be parsed to an RSA 3087 * JWK. 3088 */ 3089 public static RSAKey parse(final String s) 3090 throws ParseException { 3091 3092 return parse(JSONObjectUtils.parse(s)); 3093 } 3094 3095 3096 /** 3097 * Parses a public / private RSA JWK from the specified JSON object 3098 * representation. 3099 * 3100 * @param jsonObject The JSON object to parse. Must not be 3101 * {@code null}. 3102 * 3103 * @return The public / private RSA Key. 3104 * 3105 * @throws ParseException If the JSON object couldn't be parsed to an 3106 * RSA JWK. 3107 */ 3108 public static RSAKey parse(final Map<String, Object> jsonObject) 3109 throws ParseException { 3110 3111 // Check key type 3112 if (! KeyType.RSA.equals(JWKMetadata.parseKeyType(jsonObject))) { 3113 throw new ParseException("The key type \"kty\" must be RSA", 0); 3114 } 3115 3116 // Parse the mandatory public key parameters 3117 Base64URL n = JSONObjectUtils.getBase64URL(jsonObject, JWKParameterNames.RSA_MODULUS); 3118 Base64URL e = JSONObjectUtils.getBase64URL(jsonObject, JWKParameterNames.RSA_EXPONENT); 3119 3120 // Parse the optional private key parameters 3121 3122 // 1st private representation 3123 Base64URL d = JSONObjectUtils.getBase64URL(jsonObject, JWKParameterNames.RSA_PRIVATE_EXPONENT); 3124 3125 // 2nd private (CRT) representation 3126 Base64URL p = JSONObjectUtils.getBase64URL(jsonObject, JWKParameterNames.RSA_FIRST_PRIME_FACTOR); 3127 Base64URL q = JSONObjectUtils.getBase64URL(jsonObject, JWKParameterNames.RSA_SECOND_PRIME_FACTOR); 3128 Base64URL dp = JSONObjectUtils.getBase64URL(jsonObject, JWKParameterNames.RSA_FIRST_FACTOR_CRT_EXPONENT); 3129 Base64URL dq = JSONObjectUtils.getBase64URL(jsonObject, JWKParameterNames.RSA_SECOND_FACTOR_CRT_EXPONENT); 3130 Base64URL qi = JSONObjectUtils.getBase64URL(jsonObject, JWKParameterNames.RSA_FIRST_CRT_COEFFICIENT); 3131 3132 List<OtherPrimesInfo> oth = null; 3133 if (jsonObject.containsKey(JWKParameterNames.RSA_OTHER_PRIMES)) { 3134 3135 List<Object> arr = JSONObjectUtils.getJSONArray(jsonObject, JWKParameterNames.RSA_OTHER_PRIMES); 3136 if(arr != null) { 3137 oth = new ArrayList<>(arr.size()); 3138 3139 for (Object o : arr) { 3140 3141 if (o instanceof Map) { 3142 Map<String, Object> otherJson = ( Map<String, Object>)o; 3143 3144 Base64URL r = JSONObjectUtils.getBase64URL(otherJson, JWKParameterNames.RSA_OTHER_PRIMES__PRIME_FACTOR); 3145 Base64URL odq = JSONObjectUtils.getBase64URL(otherJson, JWKParameterNames.RSA_SECOND_FACTOR_CRT_EXPONENT); 3146 Base64URL t = JSONObjectUtils.getBase64URL(otherJson, JWKParameterNames.RSA_OTHER_PRIMES__FACTOR_CRT_COEFFICIENT); 3147 try { 3148 oth.add(new OtherPrimesInfo(r, odq, t)); 3149 } catch (IllegalArgumentException iae) { 3150 throw new ParseException(iae.getMessage(), 0); 3151 } 3152 } 3153 } 3154 } 3155 } 3156 3157 try { 3158 return new RSAKey(n, e, d, p, q, dp, dq, qi, oth, null, 3159 JWKMetadata.parseKeyUse(jsonObject), 3160 JWKMetadata.parseKeyOperations(jsonObject), 3161 JWKMetadata.parseAlgorithm(jsonObject), 3162 JWKMetadata.parseKeyID(jsonObject), 3163 JWKMetadata.parseX509CertURL(jsonObject), 3164 JWKMetadata.parseX509CertThumbprint(jsonObject), 3165 JWKMetadata.parseX509CertSHA256Thumbprint(jsonObject), 3166 JWKMetadata.parseX509CertChain(jsonObject), 3167 JWKMetadata.parseExpirationTime(jsonObject), 3168 JWKMetadata.parseNotBeforeTime(jsonObject), 3169 JWKMetadata.parseIssueTime(jsonObject), 3170 JWKMetadata.parseKeyRevocation(jsonObject), 3171 null); 3172 3173 } catch (Exception ex) { 3174 // Missing mandatory n or e, inconsistent 2nd spec, 3175 // conflicting 'use' and 'key_ops', etc. 3176 throw new ParseException(ex.getMessage(), 0); 3177 } 3178 } 3179 3180 3181 /** 3182 * Parses a public RSA JWK from the specified X.509 certificate. 3183 * 3184 * <p><strong>Important:</strong> The X.509 certificate is not 3185 * validated! 3186 * 3187 * <p>Sets the following JWK parameters: 3188 * 3189 * <ul> 3190 * <li>The JWK use inferred by {@link KeyUse#from}. 3191 * <li>The JWK ID from the X.509 serial number (in base 10). 3192 * <li>The JWK X.509 certificate chain (this certificate only). 3193 * <li>The JWK X.509 certificate SHA-256 thumbprint. 3194 * </ul> 3195 * 3196 * @param cert The X.509 certificate. Must not be {@code null}. 3197 * 3198 * @return The public RSA key. 3199 * 3200 * @throws JOSEException If parsing failed. 3201 */ 3202 public static RSAKey parse(final X509Certificate cert) 3203 throws JOSEException { 3204 3205 if (! (cert.getPublicKey() instanceof RSAPublicKey)) { 3206 throw new JOSEException("The public key of the X.509 certificate is not RSA"); 3207 } 3208 3209 RSAPublicKey publicKey = (RSAPublicKey)cert.getPublicKey(); 3210 3211 try { 3212 MessageDigest sha256 = MessageDigest.getInstance("SHA-256"); 3213 3214 return new RSAKey.Builder(publicKey) 3215 .keyUse(KeyUse.from(cert)) 3216 .keyID(cert.getSerialNumber().toString(10)) 3217 .x509CertChain(Collections.singletonList(Base64.encode(cert.getEncoded()))) 3218 .x509CertSHA256Thumbprint(Base64URL.encode(sha256.digest(cert.getEncoded()))) 3219 .expirationTime(cert.getNotAfter()) 3220 .notBeforeTime(cert.getNotBefore()) 3221 .build(); 3222 } catch (NoSuchAlgorithmException e) { 3223 throw new JOSEException("Couldn't encode x5t parameter: " + e.getMessage(), e); 3224 } catch (CertificateEncodingException e) { 3225 throw new JOSEException("Couldn't encode x5c parameter: " + e.getMessage(), e); 3226 } 3227 } 3228 3229 3230 /** 3231 * Loads a public / private RSA JWK from the specified JCA key store. 3232 * 3233 * <p><strong>Important:</strong> The X.509 certificate is not 3234 * validated! 3235 * 3236 * @param keyStore The key store. Must not be {@code null}. 3237 * @param alias The alias. Must not be {@code null}. 3238 * @param pin The pin to unlock the private key if any, empty or 3239 * {@code null} if not required. 3240 * 3241 * @return The public / private RSA key, {@code null} if no key with 3242 * the specified alias was found. 3243 * 3244 * @throws KeyStoreException On a key store exception. 3245 * @throws JOSEException If RSA key loading failed. 3246 */ 3247 public static RSAKey load(final KeyStore keyStore, 3248 final String alias, 3249 final char[] pin) 3250 throws KeyStoreException, JOSEException { 3251 3252 java.security.cert.Certificate cert = keyStore.getCertificate(alias); 3253 3254 if (!(cert instanceof X509Certificate)) { 3255 return null; 3256 } 3257 3258 X509Certificate x509Cert = (X509Certificate)cert; 3259 3260 if (! (x509Cert.getPublicKey() instanceof RSAPublicKey)) { 3261 throw new JOSEException("Couldn't load RSA JWK: The key algorithm is not RSA"); 3262 } 3263 3264 RSAKey rsaJWK = RSAKey.parse(x509Cert); 3265 3266 // Let kid=alias 3267 rsaJWK = new RSAKey.Builder(rsaJWK).keyID(alias).keyStore(keyStore).build(); 3268 3269 // Check for private counterpart 3270 Key key; 3271 try { 3272 key = keyStore.getKey(alias, pin); 3273 } catch (UnrecoverableKeyException | NoSuchAlgorithmException e) { 3274 throw new JOSEException("Couldn't retrieve private RSA key (bad pin?): " + e.getMessage(), e); 3275 } 3276 3277 if (key instanceof RSAPrivateKey) { 3278 // Simple file based key store 3279 return new RSAKey.Builder(rsaJWK) 3280 .privateKey((RSAPrivateKey)key) 3281 .build(); 3282 } else if (key instanceof PrivateKey && "RSA".equalsIgnoreCase(key.getAlgorithm())) { 3283 // PKCS#11 store 3284 return new RSAKey.Builder(rsaJWK) 3285 .privateKey((PrivateKey)key) 3286 .build(); 3287 } else { 3288 return rsaJWK; 3289 } 3290 } 3291 3292 3293 @Override 3294 public boolean equals(Object o) { 3295 if (this == o) return true; 3296 if (!(o instanceof RSAKey)) return false; 3297 if (!super.equals(o)) return false; 3298 RSAKey rsaKey = (RSAKey) o; 3299 return Objects.equals(n, rsaKey.n) && 3300 Objects.equals(e, rsaKey.e) && 3301 Objects.equals(d, rsaKey.d) && 3302 Objects.equals(p, rsaKey.p) && 3303 Objects.equals(q, rsaKey.q) && 3304 Objects.equals(dp, rsaKey.dp) && 3305 Objects.equals(dq, rsaKey.dq) && 3306 Objects.equals(qi, rsaKey.qi) && 3307 Objects.equals(oth, rsaKey.oth) && 3308 Objects.equals(privateKey, rsaKey.privateKey); 3309 } 3310 3311 3312 @Override 3313 public int hashCode() { 3314 return Objects.hash(super.hashCode(), n, e, d, p, q, dp, dq, qi, oth, privateKey); 3315 } 3316}