ECDH + JWE加密使用nimbus-jose和Java 6

huangapple
go评论59阅读模式
英文:

ECDH + JWE encryption using nimbus-jose and Java 6

问题

我有一个问题,想知道你是否能帮助我。

我需要使用椭圆曲线创建一个加密的JWE。

我正在使用

jre 1.6.0,nimbus-jose-jwt-8.20-jdk6.jar,bcprov-jdk15to18-166.jar。

我已经创建了一个密钥库和一个带有EC算法和椭圆曲线P-512的密钥对。如果我使用私钥对JWT进行签名,然后尝试使用公钥验证它,一切都正常,但除了签名之外,我还需要加密以创建一个JWE,其中负载不可见。

当尝试使用公钥加密JWE时,它抛出以下异常

Exception in thread "main" java.lang.NoClassDefFoundError: java/util/Objects
at com.nimbusds.jose.jwk.KeyUse.hashCode(KeyUse.java:121)
at java.util.HashMap.put(Unknown Source)
at com.nimbusds.jose.jwk.KeyUseAndOpsConsistency.<clinit>(KeyUseAndOpsConsistency.java:43)
at com.nimbusds.jose.jwk.JWK.<init>(JWK.java:197)
at com.nimbusds.jose.jwk.ECKey.<init>(ECKey.java:706)
at com.nimbusds.jose.jwk.ECKey$Builder.build(ECKey.java:571)
at com.nimbusds.jose.crypto.ECDHEncrypter.encrypt(ECDHEncrypter.java:217)
at com.nimbusds.jose.JWEObject.encrypt(JWEObject.java:370)
at pruebasJwt.inicioJwt.main(inicioJwt.java:373)

这是我用来加密的代码:

		//加密令牌
		ECPublicKey publicKey = (ECPublicKey) certificadoBean.getPublicKey();
		Payload payload = new Payload(signedJWT2);
		JWEObject jwe = new JWEObject(jweHeader, payload);								
		jwe.encrypt(new ECDHEncrypter(publicKey)); //**这是异常发生的地方**
		String jweString = jwe.serialize();
		
		String tokenJwt = signedJWT2.serialize();
		System.err.println(tokenJwt);

我在eclipse的类路径中正确定义了这些库。

尽管我要求使用椭圆曲线进行JWE加密,但我已经创建了一个RSA测试证书,并且通过这种方式,我已经成功生成了一个带有该证书的加密JWE。

我还使用了https://connect2id.com/products/nimbus-jose-jwt/examples/jws-with-ec-signature页面上提供的一个非常简单的示例,但对我也不起作用。在创建密钥对时,我遇到了相同的异常。

public class JweEC {

	public static void main(String[] args) {
		System.out.println("############ 使用椭圆曲线签名的JWE开始 ##############");
		System.out.println("支持 ES512" + JCASupport.isSupported(JWSAlgorithm.ES512));
		
		//密码提供程序
		Provider bc = BouncyCastleProviderSingleton.getInstance();
		Security.addProvider(bc);
		System.out.println("支持 ES512" + JCASupport.isSupported(JWSAlgorithm.ES512));
		try {
			
			ECKey ecJWK = new ECKeyGenerator(Curve.P_521)
				    .generate(); **这是异常发生的地方**
				ECKey ecPublicJWK = ecJWK.toPublicJWK();
		}catch (Exception e) {
			// TODO: 处理异常
		}

	}

}

NoClassDefFoundError异常表明负责动态加载类的类加载器找不到您尝试使用的类的 .class 文件,但正如我之前所说,我所有的库都已经正确包含在类路径中。

是否可能是我遗漏了一些要包含的库?我不知道,我在这个问题上感到困惑。

英文:

I have a problem and I would like to know if you can help me.

I need to create an encrypted JWE with elliptic curve.

i am using

jre 1.6.0, nimbus-jose-jwt-8.20-jdk6.jar ,bcprov-jdk15to18-166.jar.

I have created a keystore and a key pair with the EC algorithm and elliptic curve P-512. If I sign the JWT with the private key and then I try to validate it with the public key everything works fine, but apart from signing I need to encrypt to make a JWE in which the payload is not seen.

When trying to encrypt the JWE with the public key it throws the following Exception

Exception in thread "main" java.lang.NoClassDefFoundError: java/util/Objects
at com.nimbusds.jose.jwk.KeyUse.hashCode(KeyUse.java:121)
at java.util.HashMap.put(Unknown Source)
at com.nimbusds.jose.jwk.KeyUseAndOpsConsistency.<clinit>(KeyUseAndOpsConsistency.java:43)
at com.nimbusds.jose.jwk.JWK.<init>(JWK.java:197)
at com.nimbusds.jose.jwk.ECKey.<init>(ECKey.java:706)
at com.nimbusds.jose.jwk.ECKey$Builder.build(ECKey.java:571)
at com.nimbusds.jose.crypto.ECDHEncrypter.encrypt(ECDHEncrypter.java:217)
at com.nimbusds.jose.JWEObject.encrypt(JWEObject.java:370)
at pruebasJwt.inicioJwt.main(inicioJwt.java:373)

this is the code that I use to encrypt:

		//encriptar token
		ECPublicKey publicKey = (ECPublicKey) certificadoBean.getPublicKey();
		Payload payload = new Payload(signedJWT2);
		JWEObject jwe = new JWEObject(jweHeader, payload);								
		jwe.encrypt(new ECDHEncrypter(publicKey)); //**This is where the exception occurs**
		String jweString = jwe.serialize();
		
		String tokenJwt = signedJWT2.serialize();
		System.err.println(tokenJwt);

I have the libraries well defined in the eclipe classpath.

Although my requirements is JWE encrypted with an elliptic curve, I have created a test certificate RSA and in this way I have been able to generate an encrypted JWE with said certificate without problems.

I have also used a very simple example that they put on the https://connect2id.com/products/nimbus-jose-jwt/examples/jws-with-ec-signature page and it doesn't work for me either. When creating the key pair I get the same exception.

public class JweEC {

	public static void main(String[] args) {
		System.out.println("############ INICIO JWE FIRMADO CON CERTIFICADO CURVA ELIPTICA ##############");
		System.out.println("soporta ES512" + JCASupport.isSupported(JWSAlgorithm.ES512));
		
		//Proveedor de criptografica
		Provider bc = BouncyCastleProviderSingleton.getInstance();
		Security.addProvider(bc);
		System.out.println("soporta ES512" + JCASupport.isSupported(JWSAlgorithm.ES512));
		try {
			
			ECKey ecJWK = new ECKeyGenerator(Curve.P_521)
				    .generate(); **This is where the exception occurs**
				ECKey ecPublicJWK = ecJWK.toPublicJWK();
		}catch (Exception e) {
			// TODO: handle exception
		}

	}

}

The NoClassDefFoundError Exception indicates that the class loader responsible for dynamic class loading cannot find the .class file for the class you are trying to use, but as I said before all my libraries are well included in the classpath.

Could it be that I am missing some liberia to include? I don't know, I'm lost with this problem

答案1

得分: 2

问题在于 nimbus-jose-jwt-8.20-jdk6.jar 并不支持在 Java 6 上运行,尽管其名称中出现了 'jdk6'。

您看到的错误是因为 KeyUse 类的 hashCode() 方法使用了 java.util.Objects 实用类中的方法,而这个类仅从 Java 7 开始提供。

强烈建议您将 Java 版本从 6 升级至至少 Java 8。这样做肯定会解决这个问题。然而,如果您被困在 Java 6 上,您将不得不与 Connect2Id 联系,并要求他们提供支持。

英文:

The problem is that nimbus-jose-jwt-8.20-jdk6.jar does not support being run on Java 6, despite the appearance of 'jdk6' in its name.

You are getting the error you are seeing because the hashCode() method of the <a href="https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/src/main/java/com/nimbusds/jose/jwk/KeyUse.java">KeyUse</a> class uses a method in the <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Objects.html">java.util.Objects</a> utility class, and this class is only available from Java 7 onwards.

I would strongly recommend upgrading from Java 6, to Java 8 at least. Doing so would certainly get around this problem. However, if you are stuck with Java 6, you will have to <a href="https://connect2id.com/contact">get in contact with Connect2Id</a> and ask them for support.

答案2

得分: 1

我收到了来自connect2id的回复,告诉我问题就像Luke说的那样,有些东西是用Java 7编码的,而这个案例就是其中之一。
最终,在尝试了其他版本的nimbus-jose-jwt-6.8-jdk6.jar后,一切都如我所希望的那样正常工作了。

英文:

I received a response from connect2id telling me that it was a problem as Luke said, there are things encoded with Java 7 and this case was one of them.
In the end trying other versions with nimbus-jose-jwt-6.8-jdk6.jar finally everything works as I wanted.

huangapple
  • 本文由 发表于 2020年9月5日 19:15:01
  • 转载请务必保留本文链接:https://go.coder-hub.com/63753287.html
  • encryption
  • java
  • jwe
  • jwt
  • nimbus-jose-jwt
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定