我正在尝试从 jose4j 中的 X.509 PEM 证书生成 JWK,但我没有得到任何线索来执行相同的操作。
我已经使用 nimbus jose+jwt 库实现了这一点,有人可以帮我提供 jose4j 的等效代码吗?
nimbus jose+jwt 的代码片段:
try {
jwk1 = (RSAKey) JWK.parseFromPEMEncodedX509Cert(certificateString);
Map<String, Object> jwkMap = jwk1.toJSONObject();
jwkMap.put("use", "enc");
jwkMap.put("alg", "RSA-OAEP-256");
jwk1 = (RSAKey) JWK.parse(jwkMap);
} catch (JOSEException ex) {
log.error("Exception while creating JWK from X.509 certificate : {}", ex.getMessage());
}
最佳答案
这里有一些大致相同的示例代码:
String pemCert =
"MIIC2jCCAkMCAg38MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG\n" +
"A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE\n" +
"MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl\n" +
"YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw\n" +
"ODIyMDUyNzQxWhcNMTcwODIxMDUyNzQxWjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE\n" +
"CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs\n" +
"ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0z9FeMynsC8+u\n" +
"dvX+LciZxnh5uRj4C9S6tNeeAlIGCfQYk0zUcNFCoCkTknNQd/YEiawDLNbxBqut\n" +
"bMDZ1aarys1a0lYmUeVLCIqvzBkPJTSQsCopQQ9V8WuT252zzNzs68dVGNdCJd5J\n" +
"NRQykpwexmnjPPv0mvj7i8XgG379TyW6P+WWV5okeUkXJ9eJS2ouDYdR2SM9BoVW\n" +
"+FgxDu6BmXhozW5EfsnajFp7HL8kQClI0QOc79yuKl3492rH6bzFsFn2lfwWy9ic\n" +
"7cP8EpCTeFp1tFaD+vxBhPZkeTQ1HKx6hQ5zeHIB5ySJJZ7af2W8r4eTGYzbdRW2\n" +
"4DDHCPhZAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAQMv+BFvGdMVzkQaQ3/+2noVz\n" +
"/uAKbzpEL8xTcxYyP3lkOeh4FoxiSWqy5pGFALdPONoDuYFpLhjJSZaEwuvjI/Tr\n" +
"rGhLV1pRG9frwDFshqD2Vaj4ENBCBh6UpeBop5+285zQ4SI7q4U9oSebUDJiuOx6\n" +
"+tZ9KynmrbJpTSi0+BM=";
X509Util x509Util = new X509Util();
X509Certificate x509Certificate = x509Util.fromBase64Der(pemCert);
// create the JWK object with the public key from the cert
PublicJsonWebKey jwk = PublicJsonWebKey.Factory.newPublicJwk(x509Certificate.getPublicKey());
// sets the cert on the JWK object, which will be output in the x5c parameter
jwk.setCertificateChain(x509Certificate);
jwk.setUse(Use.ENCRYPTION);
jwk.setAlgorithm(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);
System.out.println(jwk.toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY));
关于java - 如何在 jose4j 中从 X.509 PEM 证书生成 JWK?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/72798809/