Source code

001/*
002 * nimbus-jose-jwt
003 *
004 * Copyright 2012-2016, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.jose.jwk.gen;
019
020
021import java.security.InvalidAlgorithmParameterException;
022import java.security.KeyPair;
023import java.security.KeyPairGenerator;
024import java.security.NoSuchAlgorithmException;
025import java.security.interfaces.ECPrivateKey;
026import java.security.interfaces.ECPublicKey;
027import java.security.spec.ECParameterSpec;
028
029import com.nimbusds.jose.JOSEException;
030import com.nimbusds.jose.jwk.Curve;
031import com.nimbusds.jose.jwk.ECKey;
032
033
034/**
035 * Elliptic Curve (EC) JSON Web Key (JWK) generator.
036 *
037 * <p>Supported curves:
038 *
039 * <ul>
040 *     <li>{@link Curve#P_256 P-256}
041 *     <li>{@link Curve#P_256K P-256K}
042 *     <li>{@link Curve#P_384 P-384}
043 *     <li>{@link Curve#P_521 P-512}
044 * </ul>
045 *
046 * @author Vladimir Dzhuvinov
047 * @version 2018-07-15
048 */
049public class ECKeyGenerator extends JWKGenerator<ECKey> {
050        
051        
052        /**
053         * The curve.
054         */
055        private final Curve crv;
056        
057        
058        /**
059         * Creates a new EC JWK generator.
060         *
061         * @param crv The curve. Must not be {@code null}.
062         */
063        public ECKeyGenerator(final Curve crv) {
064        
065                if (crv == null) {
066                        throw new IllegalArgumentException("The curve must not be null");
067                }
068                this.crv = crv;
069        }
070        
071        
072        @Override
073        public ECKey generate()
074                throws JOSEException  {
075                
076                ECParameterSpec ecSpec = crv.toECParameterSpec();
077                
078                KeyPairGenerator generator;
079                try {
080                        if (keyStore != null) {
081                                // For PKCS#11
082                                generator = KeyPairGenerator.getInstance("EC", keyStore.getProvider());
083                        } else {
084                                generator = KeyPairGenerator.getInstance("EC");
085                        }
086                        generator.initialize(ecSpec);
087                } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException e) {
088                        throw new JOSEException(e.getMessage(), e);
089                }
090                
091                KeyPair kp = generator.generateKeyPair();
092                
093                ECPublicKey pub = (ECPublicKey) kp.getPublic();
094                ECPrivateKey priv = (ECPrivateKey) kp.getPrivate();
095                
096                ECKey.Builder builder = new ECKey.Builder(crv, pub)
097                        .privateKey(priv)
098                        .keyUse(use)
099                        .keyOperations(ops)
100                        .algorithm(alg)
101                        .keyStore(keyStore);
102                
103                if (x5tKid) {
104                        builder.keyIDFromThumbprint();
105                } else {
106                        builder.keyID(kid);
107                }
108                
109                return builder.build();
110        }
111}