Commit 1f35900

authored
Merge pull request auth0#149 from auth0/add-key-provider
Add Algorithm KeyProvider interface
2 parents aa5ff04 + 18c1710 commit 1f35900

9 files changed

+329
-107
lines changed

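--- a/lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java
+++ b/lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java
@@ -2,6 +2,8 @@
 
 import com.auth0.jwt.exceptions.SignatureGenerationException;
 import com.auth0.jwt.exceptions.SignatureVerificationException;
+import com.auth0.jwt.interfaces.ECKeyProvider;
+import com.auth0.jwt.interfaces.RSAKeyProvider;
 
 import java.io.UnsupportedEncodingException;
 import java.security.interfaces.*;
@@ -18,10 +20,33 @@ public abstract class Algorithm {
 /**
 * Creates a new Algorithm instance using SHA256withRSA. Tokens specify this as "RS256".
 *
-* @param key the key to use in the verify or signing instance.
+* @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
 * @return a valid RSA256 Algorithm.
 * @throws IllegalArgumentException if the provided Key is null.
-* @deprecated use {@link #RSA256(RSAPublicKey, RSAPrivateKey)}
+*/
+public static Algorithm RSA256(RSAKeyProvider keyProvider) throws IllegalArgumentException {
+return new RSAAlgorithm("RS256", "SHA256withRSA", keyProvider);
+}
+
+/**
+* Creates a new Algorithm instance using SHA256withRSA. Tokens specify this as "RS256".
+*
+* @param publicKey the key to use in the verify instance.
+* @param privateKey the key to use in the signing instance.
+* @return a valid RSA256 Algorithm.
+* @throws IllegalArgumentException if both provided Keys are null.
+*/
+public static Algorithm RSA256(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
+return RSA256(RSAAlgorithm.providerForKeys(publicKey, privateKey));
+}
+
+/**
+* Creates a new Algorithm instance using SHA256withRSA. Tokens specify this as "RS256".
+*
+* @param key the key to use in the verify or signing instance.
+* @return a valid RSA256 Algorithm.
+* @throws IllegalArgumentException if the Key Provider is null.
+* @deprecated use {@link #RSA256(RSAPublicKey, RSAPrivateKey)} or {@link #RSA256(RSAKeyProvider)}
 */
 @Deprecated
 public static Algorithm RSA256(RSAKey key) throws IllegalArgumentException {
@@ -33,67 +58,77 @@ public static Algorithm RSA256(RSAKey key) throws IllegalArgumentException {
 /**
 * Creates a new Algorithm instance using SHA384withRSA. Tokens specify this as "RS384".
 *
-* @param key the key to use in the verify or signing instance.
+* @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
 * @return a valid RSA384 Algorithm.
-* @throws IllegalArgumentException if the provided Key is null.
-* @deprecated use {@link #RSA384(RSAPublicKey, RSAPrivateKey)}
+* @throws IllegalArgumentException if the Key Provider is null.
 */
-@Deprecated
-public static Algorithm RSA384(RSAKey key) throws IllegalArgumentException {
-RSAPublicKey publicKey = key instanceof RSAPublicKey ? (RSAPublicKey) key : null;
-RSAPrivateKey privateKey = key instanceof RSAPrivateKey ? (RSAPrivateKey) key : null;
-return RSA384(publicKey, privateKey);
+public static Algorithm RSA384(RSAKeyProvider keyProvider) throws IllegalArgumentException {
+return new RSAAlgorithm("RS384", "SHA384withRSA", keyProvider);
 }
 
 /**
-* Creates a new Algorithm instance using SHA512withRSA. Tokens specify this as "RS512".
+* Creates a new Algorithm instance using SHA384withRSA. Tokens specify this as "RS384".
+*
+* @param publicKey the key to use in the verify instance.
+* @param privateKey the key to use in the signing instance.
+* @return a valid RSA384 Algorithm.
+* @throws IllegalArgumentException if both provided Keys are null.
+*/
+public static Algorithm RSA384(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
+return RSA384(RSAAlgorithm.providerForKeys(publicKey, privateKey));
+}
+
+/**
+* Creates a new Algorithm instance using SHA384withRSA. Tokens specify this as "RS384".
 *
 * @param key the key to use in the verify or signing instance.
-* @return a valid RSA512 Algorithm.
+* @return a valid RSA384 Algorithm.
 * @throws IllegalArgumentException if the provided Key is null.
-* @deprecated use {@link #RSA512(RSAPublicKey, RSAPrivateKey)}
+* @deprecated use {@link #RSA384(RSAPublicKey, RSAPrivateKey)} or {@link #RSA384(RSAKeyProvider)}
 */
 @Deprecated
-public static Algorithm RSA512(RSAKey key) throws IllegalArgumentException {
+public static Algorithm RSA384(RSAKey key) throws IllegalArgumentException {
 RSAPublicKey publicKey = key instanceof RSAPublicKey ? (RSAPublicKey) key : null;
 RSAPrivateKey privateKey = key instanceof RSAPrivateKey ? (RSAPrivateKey) key : null;
-return RSA512(publicKey, privateKey);
+return RSA384(publicKey, privateKey);
 }
 
 /**
-* Creates a new Algorithm instance using SHA256withRSA. Tokens specify this as "RS256".
+* Creates a new Algorithm instance using SHA512withRSA. Tokens specify this as "RS512".
 *
-* @param publicKey the key to use in the verify instance.
-* @param privateKey the key to use in the signing instance.
-* @return a valid RSA256 Algorithm.
-* @throws IllegalArgumentException if both provided Keys are null.
+* @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
+* @return a valid RSA512 Algorithm.
+* @throws IllegalArgumentException if the Key Provider is null.
 */
-public static Algorithm RSA256(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
-return new RSAAlgorithm("RS256", "SHA256withRSA", publicKey, privateKey);
+public static Algorithm RSA512(RSAKeyProvider keyProvider) throws IllegalArgumentException {
+return new RSAAlgorithm("RS512", "SHA512withRSA", keyProvider);
 }
 
 /**
-* Creates a new Algorithm instance using SHA384withRSA. Tokens specify this as "RS384".
+* Creates a new Algorithm instance using SHA512withRSA. Tokens specify this as "RS512".
 *
 * @param publicKey the key to use in the verify instance.
 * @param privateKey the key to use in the signing instance.
-* @return a valid RSA384 Algorithm.
+* @return a valid RSA512 Algorithm.
 * @throws IllegalArgumentException if both provided Keys are null.
 */
-public static Algorithm RSA384(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
-return new RSAAlgorithm("RS384", "SHA384withRSA", publicKey, privateKey);
+public static Algorithm RSA512(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
+return RSA512(RSAAlgorithm.providerForKeys(publicKey, privateKey));
 }
 
 /**
 * Creates a new Algorithm instance using SHA512withRSA. Tokens specify this as "RS512".
 *
-* @param publicKey the key to use in the verify instance.
-* @param privateKey the key to use in the signing instance.
+* @param key the key to use in the verify or signing instance.
 * @return a valid RSA512 Algorithm.
-* @throws IllegalArgumentException if both provided Keys are null.
+* @throws IllegalArgumentException if the provided Key is null.
+* @deprecated use {@link #RSA512(RSAPublicKey, RSAPrivateKey)} or {@link #RSA512(RSAKeyProvider)}
 */
-public static Algorithm RSA512(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
-return new RSAAlgorithm("RS512", "SHA512withRSA", publicKey, privateKey);
+@Deprecated
+public static Algorithm RSA512(RSAKey key) throws IllegalArgumentException {
+RSAPublicKey publicKey = key instanceof RSAPublicKey ? (RSAPublicKey) key : null;
+RSAPrivateKey privateKey = key instanceof RSAPrivateKey ? (RSAPrivateKey) key : null;
+return RSA512(publicKey, privateKey);
 }
 
 /**
@@ -165,13 +200,36 @@ public static Algorithm HMAC512(byte[] secret) throws IllegalArgumentException {
 return new HMACAlgorithm("HS512", "HmacSHA512", secret);
 }
 
+/**
+* Creates a new Algorithm instance using SHA256withECDSA. Tokens specify this as "ES256".
+*
+* @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
+* @return a valid ECDSA256 Algorithm.
+* @throws IllegalArgumentException if the Key Provider is null.
+*/
+public static Algorithm ECDSA256(ECKeyProvider keyProvider) throws IllegalArgumentException {
+return new ECDSAAlgorithm("ES256", "SHA256withECDSA", 32, keyProvider);
+}
+
+/**
+* Creates a new Algorithm instance using SHA256withECDSA. Tokens specify this as "ES256".
+*
+* @param publicKey the key to use in the verify instance.
+* @param privateKey the key to use in the signing instance.
+* @return a valid ECDSA256 Algorithm.
+* @throws IllegalArgumentException if the provided Key is null.
+*/
+public static Algorithm ECDSA256(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
+return ECDSA256(ECDSAAlgorithm.providerForKeys(publicKey, privateKey));
+}
+
 /**
 * Creates a new Algorithm instance using SHA256withECDSA. Tokens specify this as "ES256".
 *
 * @param key the key to use in the verify or signing instance.
 * @return a valid ECDSA256 Algorithm.
 * @throws IllegalArgumentException if the provided Key is null.
-* @deprecated use {@link #ECDSA256(ECPublicKey, ECPrivateKey)}
+* @deprecated use {@link #ECDSA256(ECPublicKey, ECPrivateKey)} or {@link #ECDSA256(ECKeyProvider)}
 */
 @Deprecated
 public static Algorithm ECDSA256(ECKey key) throws IllegalArgumentException {
@@ -183,69 +241,80 @@ public static Algorithm ECDSA256(ECKey key) throws IllegalArgumentException {
 /**
 * Creates a new Algorithm instance using SHA384withECDSA. Tokens specify this as "ES384".
 *
-* @param key the key to use in the verify or signing instance.
+* @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
+* @return a valid ECDSA384 Algorithm.
+* @throws IllegalArgumentException if the Key Provider is null.
+*/
+public static Algorithm ECDSA384(ECKeyProvider keyProvider) throws IllegalArgumentException {
+return new ECDSAAlgorithm("ES384", "SHA384withECDSA", 48, keyProvider);
+}
+
+/**
+* Creates a new Algorithm instance using SHA384withECDSA. Tokens specify this as "ES384".
+*
+* @param publicKey the key to use in the verify instance.
+* @param privateKey the key to use in the signing instance.
 * @return a valid ECDSA384 Algorithm.
 * @throws IllegalArgumentException if the provided Key is null.
-* @deprecated use {@link #ECDSA384(ECPublicKey, ECPrivateKey)}
 */
-@Deprecated
-public static Algorithm ECDSA384(ECKey key) throws IllegalArgumentException {
-ECPublicKey publicKey = key instanceof ECPublicKey ? (ECPublicKey) key : null;
-ECPrivateKey privateKey = key instanceof ECPrivateKey ? (ECPrivateKey) key : null;
-return ECDSA384(publicKey, privateKey);
+public static Algorithm ECDSA384(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
+return ECDSA384(ECDSAAlgorithm.providerForKeys(publicKey, privateKey));
 }
 
 /**
-* Creates a new Algorithm instance using SHA512withECDSA. Tokens specify this as "ES512".
+* Creates a new Algorithm instance using SHA384withECDSA. Tokens specify this as "ES384".
 *
 * @param key the key to use in the verify or signing instance.
-* @return a valid ECDSA512 Algorithm.
+* @return a valid ECDSA384 Algorithm.
 * @throws IllegalArgumentException if the provided Key is null.
-* @deprecated use {@link #ECDSA512(ECPublicKey, ECPrivateKey)}
+* @deprecated use {@link #ECDSA384(ECPublicKey, ECPrivateKey)} or {@link #ECDSA384(ECKeyProvider)}
 */
 @Deprecated
-public static Algorithm ECDSA512(ECKey key) throws IllegalArgumentException {
+public static Algorithm ECDSA384(ECKey key) throws IllegalArgumentException {
 ECPublicKey publicKey = key instanceof ECPublicKey ? (ECPublicKey) key : null;
 ECPrivateKey privateKey = key instanceof ECPrivateKey ? (ECPrivateKey) key : null;
-return ECDSA512(publicKey, privateKey);
+return ECDSA384(publicKey, privateKey);
 }
 
 /**
-* Creates a new Algorithm instance using SHA256withECDSA. Tokens specify this as "ES256".
+* Creates a new Algorithm instance using SHA512withECDSA. Tokens specify this as "ES512".
 *
-* @param publicKey the key to use in the verify instance.
-* @param privateKey the key to use in the signing instance.
-* @return a valid ECDSA256 Algorithm.
-* @throws IllegalArgumentException if the provided Key is null.
+* @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
+* @return a valid ECDSA512 Algorithm.
+* @throws IllegalArgumentException if the Key Provider is null.
 */
-public static Algorithm ECDSA256(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
-return new ECDSAAlgorithm("ES256", "SHA256withECDSA", 32, publicKey, privateKey);
+public static Algorithm ECDSA512(ECKeyProvider keyProvider) throws IllegalArgumentException {
+return new ECDSAAlgorithm("ES512", "SHA512withECDSA", 66, keyProvider);
 }
 
 /**
-* Creates a new Algorithm instance using SHA384withECDSA. Tokens specify this as "ES384".
+* Creates a new Algorithm instance using SHA512withECDSA. Tokens specify this as "ES512".
 *
 * @param publicKey the key to use in the verify instance.
 * @param privateKey the key to use in the signing instance.
-* @return a valid ECDSA384 Algorithm.
+* @return a valid ECDSA512 Algorithm.
 * @throws IllegalArgumentException if the provided Key is null.
 */
-public static Algorithm ECDSA384(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
-return new ECDSAAlgorithm("ES384", "SHA384withECDSA", 48, publicKey, privateKey);
+public static Algorithm ECDSA512(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
+return ECDSA512(ECDSAAlgorithm.providerForKeys(publicKey, privateKey));
 }
 
 /**
 * Creates a new Algorithm instance using SHA512withECDSA. Tokens specify this as "ES512".
 *
-* @param publicKey the key to use in the verify instance.
-* @param privateKey the key to use in the signing instance.
+* @param key the key to use in the verify or signing instance.
 * @return a valid ECDSA512 Algorithm.
 * @throws IllegalArgumentException if the provided Key is null.
+* @deprecated use {@link #ECDSA512(ECPublicKey, ECPrivateKey)} or {@link #ECDSA512(ECKeyProvider)}
 */
-public static Algorithm ECDSA512(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
-return new ECDSAAlgorithm("ES512", "SHA512withECDSA", 66, publicKey, privateKey);
+@Deprecated
+public static Algorithm ECDSA512(ECKey key) throws IllegalArgumentException {
+ECPublicKey publicKey = key instanceof ECPublicKey ? (ECPublicKey) key : null;
+ECPrivateKey privateKey = key instanceof ECPrivateKey ? (ECPrivateKey) key : null;
+return ECDSA512(publicKey, privateKey);
 }
 
+
 public static Algorithm none() {
 return new NoneAlgorithm();
 }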
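Review bot: The `@throws` text on the two RSA256 javadocs is swapped on the new side: `RSA256(RSAKeyProvider)` keeps `if the provided Key is null` while the deprecated `RSA256(RSAKey)` now reads `if the Key Provider is null`; the RSA384 and RSA512 blocks have it the right way round. The provider overload should carry `@throws IllegalArgumentException if the Key Provider is null.` and the deprecated one `@throws IllegalArgumentException if the provided Key is null.`. Separately, every `*KeyProvider` factory documents only the null-provider case, and the two-key overloads now go through `providerForKeys(...)`, which is not shown in this section, so it is unclear where a null key is rejected. I would add a javadoc sentence to each provider factory stating that a provider returning a null public key makes verification fail and a null private key makes signing fail, and confirm that RSAAlgorithm and ECDSAAlgorithm enforce exactly that.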
