From 72f3289f339ef3b8fe37be3740ff390d970f8e0e Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Thu, 12 May 2022 23:17:43 +0300 Subject: Use Churchkey library to read PEM files and keys --- .../java/com/juick/server/tests/ServerTests.java | 37 ++++------------------ 1 file changed, 7 insertions(+), 30 deletions(-) (limited to 'src/test/java/com/juick/server/tests') diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java index e5b4562c2..a23c0a6fb 100644 --- a/src/test/java/com/juick/server/tests/ServerTests.java +++ b/src/test/java/com/juick/server/tests/ServerTests.java @@ -184,15 +184,6 @@ import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.tuple.Pair; import org.apache.commons.text.StringEscapeUtils; -import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; -import org.bouncycastle.jce.ECNamedCurveTable; -import org.bouncycastle.jce.interfaces.ECPrivateKey; -import org.bouncycastle.jce.interfaces.ECPublicKey; -import org.bouncycastle.jce.spec.ECParameterSpec; -import org.bouncycastle.jce.spec.ECPublicKeySpec; -import org.bouncycastle.math.ec.ECPoint; -import org.bouncycastle.openssl.PEMParser; -import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.MethodOrderer; @@ -235,6 +226,8 @@ import org.springframework.web.client.RestTemplate; import org.springframework.web.util.UriComponents; import org.springframework.web.util.UriComponentsBuilder; import org.tomitribe.auth.signatures.Base64; +import org.tomitribe.churchkey.Key; +import org.tomitribe.churchkey.Keys; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.NamedNodeMap; @@ -2493,28 +2486,12 @@ public class ServerTests { public void testAppleClientSecret() throws NoSuchAlgorithmException, IOException, InvalidKeySpecException, NoSuchProviderException { String secret = new String(clientSecretGenerator.getClientSecret().getBytes(), StandardCharsets.UTF_8); - Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); - JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter(); - pemConverter.setProvider("BC"); - final Reader pemReader = new InputStreamReader(new ByteArrayInputStream(clientSecretGenerator.getPemData())); - final PEMParser parser = new PEMParser(pemReader); - PrivateKey privateKey; - Object pemObj = parser.readObject(); + final Key key = Keys.decode(clientSecretGenerator.getPemData()); + + // Get the public key + final Key publicKey = key.getPublicKey(); - privateKey = pemConverter.getPrivateKey((PrivateKeyInfo) pemObj); - - // Generate public key from private key - KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", "BC"); - ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("secp256r1"); - - ECPoint Q = ecSpec.getG().multiply(((ECPrivateKey) privateKey).getD()); - byte[] publicDerBytes = Q.getEncoded(false); - - ECPoint point = ecSpec.getCurve().decodePoint(publicDerBytes); - ECPublicKeySpec pubSpec = new ECPublicKeySpec(point, ecSpec); - ECPublicKey publicKeyGenerated = (ECPublicKey) keyFactory.generatePublic(pubSpec); - - Jws jwt = Jwts.parserBuilder().setSigningKey(publicKeyGenerated).build().parseClaimsJws(secret); + Jws jwt = Jwts.parserBuilder().setSigningKey(publicKey.getKey()).build().parseClaimsJws(secret); assertThat(jwt.getHeader().get("kid"), is("keyid")); assertThat(jwt.getHeader().get("alg"), is("ES256")); Claims claims = jwt.getBody(); -- cgit v1.2.3