如何从Jose4J中的X.509 PEM证书生成JWK？

发布于 2025-02-12 01:14:27 字数 581 浏览 2 评论 0原文

我试图从Jose4J的X.509 PEM证书中生产JWK，但我没有任何线索可以这样做。

我已经使用Nimbus Jose+JWT库实现了这一目标，有人可以帮助我使用Jose4J的同等代码吗？

Nimbus Jose+JWT的代码件：

try {
      jwk1 = (RSAKey) JWK.parseFromPEMEncodedX509Cert(certificateString);
      Map<String, Object> jwkMap = jwk1.toJSONObject();
      jwkMap.put("use", "enc");
      jwkMap.put("alg", "RSA-OAEP-256");
      jwk1 = (RSAKey) JWK.parse(jwkMap);
    } catch (JOSEException ex) {
      log.error("Exception while creating JWK from X.509 certificate : {}", ex.getMessage());
    }

原文

I am trying to produce JWK from an X.509 PEM certificate in jose4j, but I am not getting any clue to do the same.

I have already achieved this using nimbus jose+jwt library , can someone please help me with equivalent code for jose4j?

Code piece for nimbus jose+jwt :

try {
      jwk1 = (RSAKey) JWK.parseFromPEMEncodedX509Cert(certificateString);
      Map<String, Object> jwkMap = jwk1.toJSONObject();
      jwkMap.put("use", "enc");
      jwkMap.put("alg", "RSA-OAEP-256");
      jwk1 = (RSAKey) JWK.parse(jwkMap);
    } catch (JOSEException ex) {
      log.error("Exception while creating JWK from X.509 certificate : {}", ex.getMessage());
    }

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

厌倦 2025-02-19 01:14:27

这是一些大致等效的示例代码：

   String pemCert =
       "MIIC2jCCAkMCAg38MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG\n" +
       "A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE\n" +
       "MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl\n" +
       "YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw\n" +
       "ODIyMDUyNzQxWhcNMTcwODIxMDUyNzQxWjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE\n" +
       "CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs\n" +
       "ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0z9FeMynsC8+u\n" +
       "dvX+LciZxnh5uRj4C9S6tNeeAlIGCfQYk0zUcNFCoCkTknNQd/YEiawDLNbxBqut\n" +
       "bMDZ1aarys1a0lYmUeVLCIqvzBkPJTSQsCopQQ9V8WuT252zzNzs68dVGNdCJd5J\n" +
       "NRQykpwexmnjPPv0mvj7i8XgG379TyW6P+WWV5okeUkXJ9eJS2ouDYdR2SM9BoVW\n" +
       "+FgxDu6BmXhozW5EfsnajFp7HL8kQClI0QOc79yuKl3492rH6bzFsFn2lfwWy9ic\n" +
       "7cP8EpCTeFp1tFaD+vxBhPZkeTQ1HKx6hQ5zeHIB5ySJJZ7af2W8r4eTGYzbdRW2\n" +
       "4DDHCPhZAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAQMv+BFvGdMVzkQaQ3/+2noVz\n" +
       "/uAKbzpEL8xTcxYyP3lkOeh4FoxiSWqy5pGFALdPONoDuYFpLhjJSZaEwuvjI/Tr\n" +
       "rGhLV1pRG9frwDFshqD2Vaj4ENBCBh6UpeBop5+285zQ4SI7q4U9oSebUDJiuOx6\n" +
       "+tZ9KynmrbJpTSi0+BM=";

    X509Util x509Util = new X509Util();
    X509Certificate x509Certificate = x509Util.fromBase64Der(pemCert);

    // create the JWK object with the public key from the cert
    PublicJsonWebKey jwk = PublicJsonWebKey.Factory.newPublicJwk(x509Certificate.getPublicKey());

    // sets the cert on the JWK object, which will be output in the x5c parameter
    jwk.setCertificateChain(x509Certificate);

    jwk.setUse(Use.ENCRYPTION);
    jwk.setAlgorithm(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);

    System.out.println(jwk.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY));

Here's some roughly equivalent example code:

   String pemCert =
       "MIIC2jCCAkMCAg38MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG\n" +
       "A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE\n" +
       "MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl\n" +
       "YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw\n" +
       "ODIyMDUyNzQxWhcNMTcwODIxMDUyNzQxWjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE\n" +
       "CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs\n" +
       "ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0z9FeMynsC8+u\n" +
       "dvX+LciZxnh5uRj4C9S6tNeeAlIGCfQYk0zUcNFCoCkTknNQd/YEiawDLNbxBqut\n" +
       "bMDZ1aarys1a0lYmUeVLCIqvzBkPJTSQsCopQQ9V8WuT252zzNzs68dVGNdCJd5J\n" +
       "NRQykpwexmnjPPv0mvj7i8XgG379TyW6P+WWV5okeUkXJ9eJS2ouDYdR2SM9BoVW\n" +
       "+FgxDu6BmXhozW5EfsnajFp7HL8kQClI0QOc79yuKl3492rH6bzFsFn2lfwWy9ic\n" +
       "7cP8EpCTeFp1tFaD+vxBhPZkeTQ1HKx6hQ5zeHIB5ySJJZ7af2W8r4eTGYzbdRW2\n" +
       "4DDHCPhZAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAQMv+BFvGdMVzkQaQ3/+2noVz\n" +
       "/uAKbzpEL8xTcxYyP3lkOeh4FoxiSWqy5pGFALdPONoDuYFpLhjJSZaEwuvjI/Tr\n" +
       "rGhLV1pRG9frwDFshqD2Vaj4ENBCBh6UpeBop5+285zQ4SI7q4U9oSebUDJiuOx6\n" +
       "+tZ9KynmrbJpTSi0+BM=";

    X509Util x509Util = new X509Util();
    X509Certificate x509Certificate = x509Util.fromBase64Der(pemCert);

    // create the JWK object with the public key from the cert
    PublicJsonWebKey jwk = PublicJsonWebKey.Factory.newPublicJwk(x509Certificate.getPublicKey());

    // sets the cert on the JWK object, which will be output in the x5c parameter
    jwk.setCertificateChain(x509Certificate);

    jwk.setUse(Use.ENCRYPTION);
    jwk.setAlgorithm(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);

    System.out.println(jwk.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY));

回复收藏 0 原文

~没有更多了~