001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jose.crypto.impl; 019 020 021import java.security.InvalidKeyException; 022import java.security.PrivateKey; 023import java.security.Provider; 024import java.security.SecureRandom; 025import java.security.interfaces.RSAPublicKey; 026import javax.crypto.Cipher; 027import javax.crypto.IllegalBlockSizeException; 028import javax.crypto.SecretKey; 029import javax.crypto.spec.SecretKeySpec; 030 031import com.nimbusds.jose.JOSEException; 032import net.jcip.annotations.ThreadSafe; 033 034 035/** 036 * RSAES OAEP methods for Content Encryption Key (CEK) encryption and 037 * decryption. Uses the BouncyCastle.org provider. This class is thread-safe 038 * 039 * @author Vladimir Dzhuvinov 040 * @version 2017-11-27 041 */ 042@ThreadSafe 043public class RSA_OAEP { 044 045 046 /** 047 * The JCA algorithm name for RSA-OAEP. 048 */ 049 private static final String RSA_OEAP_JCA_ALG = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding"; 050 051 052 /** 053 * Encrypts the specified Content Encryption Key (CEK). 054 * 055 * @param pub The public RSA key. Must not be {@code null}. 056 * @param cek The Content Encryption Key (CEK) to encrypt. Must 057 * not be {@code null}. 058 * @param provider The JCA provider, {@code null} to use the default. 059 * 060 * @return The encrypted Content Encryption Key (CEK). 061 * 062 * @throws JOSEException If encryption failed. 063 */ 064 public static byte[] encryptCEK(final RSAPublicKey pub, final SecretKey cek, final Provider provider) 065 throws JOSEException { 066 067 try { 068 Cipher cipher = CipherHelper.getInstance(RSA_OEAP_JCA_ALG, provider); 069 cipher.init(Cipher.WRAP_MODE, pub, new SecureRandom()); 070 return cipher.wrap(cek); 071 072 } catch (InvalidKeyException e) { 073 throw new JOSEException("RSA block size exception: The RSA key is too short, try a longer one", e); 074 } catch (Exception e) { 075 // java.security.NoSuchAlgorithmException 076 // java.security.NoSuchPaddingException 077 // java.security.InvalidKeyException 078 // javax.crypto.BadPaddingException 079 throw new JOSEException(e.getMessage(), e); 080 } 081 } 082 083 084 /** 085 * Decrypts the specified encrypted Content Encryption Key (CEK). 086 * 087 * @param priv The private RSA key. Must not be {@code null}. 088 * @param encryptedCEK The encrypted Content Encryption Key (CEK) to 089 * decrypt. Must not be {@code null}. 090 * @param provider The JCA provider, {@code null} to use the 091 * default. 092 * 093 * @return The decrypted Content Encryption Key (CEK). 094 * 095 * @throws JOSEException If decryption failed. 096 */ 097 public static SecretKey decryptCEK(final PrivateKey priv, 098 final byte[] encryptedCEK, final Provider provider) 099 throws JOSEException { 100 101 try { 102 Cipher cipher = CipherHelper.getInstance(RSA_OEAP_JCA_ALG, provider); 103 cipher.init(Cipher.UNWRAP_MODE, priv); 104 return (SecretKey) cipher.unwrap(encryptedCEK, "AES", Cipher.SECRET_KEY); 105 106 } catch (Exception e) { 107 // java.security.NoSuchAlgorithmException 108 // java.security.NoSuchPaddingException 109 // java.security.InvalidKeyException 110 // javax.crypto.IllegalBlockSizeException 111 // javax.crypto.BadPaddingException 112 throw new JOSEException(e.getMessage(), e); 113 } 114 } 115 116 117 /** 118 * Prevents public instantiation. 119 */ 120 private RSA_OAEP() { } 121}