001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jose.crypto; 019 020 021import java.security.InvalidKeyException; 022import java.security.Signature; 023import java.security.SignatureException; 024import java.security.interfaces.ECPublicKey; 025import java.util.Set; 026 027import com.nimbusds.jose.*; 028import com.nimbusds.jose.crypto.utils.ECChecks; 029import com.nimbusds.jose.jwk.ECKey; 030import com.nimbusds.jose.util.Base64URL; 031import net.jcip.annotations.ThreadSafe; 032 033 034/** 035 * Elliptic Curve Digital Signature Algorithm (ECDSA) verifier of 036 * {@link com.nimbusds.jose.JWSObject JWS objects}. Expects a private EC key 037 * (with a P-256, P-384 or P-521 curve). 038 * 039 * <p>See RFC 7518 040 * <a href="https://tools.ietf.org/html/rfc7518#section-3.4">section 3.4</a> 041 * for more information. 042 * 043 * <p>This class is thread-safe. 044 * 045 * <p>Supports the following algorithms: 046 * 047 * <ul> 048 * <li>{@link com.nimbusds.jose.JWSAlgorithm#ES256} 049 * <li>{@link com.nimbusds.jose.JWSAlgorithm#ES384} 050 * <li>{@link com.nimbusds.jose.JWSAlgorithm#ES512} 051 * </ul> 052 * 053 * @author Axel Nennker 054 * @author Vladimir Dzhuvinov 055 * @version 2017-04-13 056 */ 057@ThreadSafe 058public class ECDSAVerifier extends ECDSAProvider implements JWSVerifier, CriticalHeaderParamsAware { 059 060 061 /** 062 * The critical header policy. 063 */ 064 private final CriticalHeaderParamsDeferral critPolicy = new CriticalHeaderParamsDeferral(); 065 066 067 /** 068 * The public EC key. 069 */ 070 private final ECPublicKey publicKey; 071 072 073 /** 074 * Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA) 075 * verifier. 076 * 077 * @param publicKey The public EC key. Must not be {@code null}. 078 * 079 * @throws JOSEException If the elliptic curve of key is not supported. 080 */ 081 public ECDSAVerifier(final ECPublicKey publicKey) 082 throws JOSEException { 083 084 this(publicKey, null); 085 } 086 087 088 /** 089 * Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA) 090 * verifier. 091 * 092 * @param ecJWK The EC JSON Web Key (JWK). Must not be {@code null}. 093 * 094 * @throws JOSEException If the elliptic curve of key is not supported. 095 */ 096 public ECDSAVerifier(final ECKey ecJWK) 097 throws JOSEException { 098 099 this(ecJWK.toECPublicKey()); 100 } 101 102 103 /** 104 * Creates a new Elliptic Curve Digital Signature Algorithm (ECDSA) 105 * verifier. 106 * 107 * @param publicKey The public EC key. Must not be {@code null}. 108 * @param defCritHeaders The names of the critical header parameters 109 * that are deferred to the application for 110 * processing, empty set or {@code null} if none. 111 * 112 * @throws JOSEException If the elliptic curve of key is not supported. 113 */ 114 public ECDSAVerifier(final ECPublicKey publicKey, final Set<String> defCritHeaders) 115 throws JOSEException { 116 117 super(ECDSA.resolveAlgorithm(publicKey)); 118 119 this.publicKey = publicKey; 120 121 if (! ECChecks.isPointOnCurve( 122 publicKey, 123 ECKey.Curve.forJWSAlgoritm(supportedECDSAAlgorithm()).toECParameterSpec())) { 124 throw new JOSEException("Curve / public key parameters mismatch"); 125 } 126 127 critPolicy.setDeferredCriticalHeaderParams(defCritHeaders); 128 } 129 130 131 /** 132 * Returns the public EC key. 133 * 134 * @return The public EC key. 135 */ 136 public ECPublicKey getPublicKey() { 137 138 return publicKey; 139 } 140 141 142 @Override 143 public Set<String> getProcessedCriticalHeaderParams() { 144 145 return critPolicy.getProcessedCriticalHeaderParams(); 146 } 147 148 149 @Override 150 public Set<String> getDeferredCriticalHeaderParams() { 151 152 return critPolicy.getProcessedCriticalHeaderParams(); 153 } 154 155 156 @Override 157 public boolean verify(final JWSHeader header, 158 final byte[] signedContent, 159 final Base64URL signature) 160 throws JOSEException { 161 162 final JWSAlgorithm alg = header.getAlgorithm(); 163 164 if (! supportedJWSAlgorithms().contains(alg)) { 165 throw new JOSEException(AlgorithmSupportMessage.unsupportedJWSAlgorithm(alg, supportedJWSAlgorithms())); 166 } 167 168 if (! critPolicy.headerPasses(header)) { 169 return false; 170 } 171 172 final byte[] jwsSignature = signature.decode(); 173 174 final byte[] derSignature; 175 176 try { 177 derSignature = ECDSA.transcodeSignatureToDER(jwsSignature); 178 } catch (JOSEException e) { 179 // Invalid signature format 180 return false; 181 } 182 183 Signature sig = ECDSA.getSignerAndVerifier(alg, getJCAContext().getProvider()); 184 185 try { 186 sig.initVerify(publicKey); 187 sig.update(signedContent); 188 return sig.verify(derSignature); 189 190 } catch (InvalidKeyException e) { 191 throw new JOSEException("Invalid EC public key: " + e.getMessage(), e); 192 } catch (SignatureException e) { 193 return false; 194 } 195 } 196}