Source code

001package com.nimbusds.jose.crypto.factories;
002
003
004import java.security.Key;
005import java.security.interfaces.ECPublicKey;
006import java.security.interfaces.RSAPublicKey;
007
008import javax.crypto.SecretKey;
009
010import net.jcip.annotations.ThreadSafe;
011
012import com.nimbusds.jose.JOSEException;
013import com.nimbusds.jose.JWSHeader;
014import com.nimbusds.jose.JWSVerifier;
015import com.nimbusds.jose.KeyTypeException;
016import com.nimbusds.jose.crypto.ECDSAVerifier;
017import com.nimbusds.jose.crypto.MACVerifier;
018import com.nimbusds.jose.crypto.RSASSAVerifier;
019import com.nimbusds.jose.proc.JWSVerifierFactory;
020
021
022/**
023 * Default JSON Web Signature (JWS) verifier factory.
024 *
025 * <p>Supports all standard JWS algorithms implemented in the
026 * {@link com.nimbusds.jose.crypto} package.
027 *
028 * @author Vladimir Dzhuvinov
029 * @version 2015-06-08
030 */
031@ThreadSafe
032public class DefaultJWSVerifierFactory implements JWSVerifierFactory {
033
034
035        @Override
036        public JWSVerifier createJWSVerifier(final JWSHeader header, final Key key)
037                throws JOSEException {
038
039                if (MACVerifier.SUPPORTED_ALGORITHMS.contains(header.getAlgorithm())) {
040
041                        if (!(key instanceof SecretKey)) {
042                                throw new KeyTypeException(SecretKey.class);
043                        }
044
045                        SecretKey macKey = (SecretKey)key;
046
047                        return new MACVerifier(macKey);
048
049                } else if (RSASSAVerifier.SUPPORTED_ALGORITHMS.contains(header.getAlgorithm())) {
050
051                        if (!(key instanceof RSAPublicKey)) {
052                                throw new KeyTypeException(RSAPublicKey.class);
053                        }
054
055                        RSAPublicKey rsaPublicKey = (RSAPublicKey)key;
056
057                        return new RSASSAVerifier(rsaPublicKey);
058
059                } else if (ECDSAVerifier.SUPPORTED_ALGORITHMS.contains(header.getAlgorithm())) {
060
061                        if (!(key instanceof ECPublicKey)) {
062                                throw new KeyTypeException(ECPublicKey.class);
063                        }
064
065                        ECPublicKey ecPublicKey = (ECPublicKey)key;
066
067                        return new ECDSAVerifier(ecPublicKey);
068
069                } else {
070
071                        throw new JOSEException("Unsupported JWS algorithm: " + header.getAlgorithm());
072                }
073        }
074}