Utility to generate an RSA key pair in JWKS format. The program takes two arguments, the key identifier (kid) and the modulus size of the key in bits, generates an RSA key pair, converts it to JWKS format and writes it to the signing-keystore.jwks file. The file contains the private key parameters as well as the public ones.
import java.io.BufferedWriter;
import java.io.FileWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.nio.file.FileSystems;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Base64;
import java.util.Set;
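/**
 * Command-line utility that generates an RSA key pair and writes it, private parameters
 * included, as a JWK Set (RFC 7517) to {@code signing-keystore.jwks} in the working directory.
 *
 * <p>Usage: {@code java RsaJwkGenerator <kid> <key-size-bits>}
 *
 * <p>The output file holds the private key in clear text. Publish only the public members
 * ({@code kty}, {@code n}, {@code e}, {@code kid}) to relying parties and keep the file itself
 * out of version control and shared storage.
 */
public class RsaJwkGenerator {

    /** File the JWK Set is written to, relative to the working directory. */
    private static final String OUTPUT_FILE = "signing-keystore.jwks";

    /** Key sizes below this only trigger a warning, so existing invocations keep working. */
    private static final int MIN_RECOMMENDED_KEY_SIZE = 2048;

    /**
     * Program entry point.
     *
     * @param args {@code args[0]} is the key identifier, {@code args[1]} the key size in bits;
     *     further arguments are ignored
     * @throws IOException if the output file cannot be written
     * @throws IllegalArgumentException if fewer than two arguments are given
     */
    public static void main(String[] args) throws IOException {
        if (args.length < 2) {
            throw new IllegalArgumentException("Usage: RsaJwkGenerator <kid> <key-size-bits>");
        }
        generateJwk(args[0], args[1]);
    }

    /**
     * Generates the key pair, serialises it as a JWK Set and writes it to {@link #OUTPUT_FILE}.
     *
     * @param kid key identifier stored in the {@code kid} member
     * @param modulus modulus length in bits, as a decimal string
     * @throws IOException if the output file cannot be written
     * @throws IllegalArgumentException if {@code modulus} is not an integer
     * @throws IllegalStateException if the provider cannot produce an RSA CRT key
     */
    private static void generateJwk(String kid, String modulus) throws IOException {
        final int keySize;
        try {
            keySize = Integer.parseInt(modulus);
        } catch (NumberFormatException ex) {
            throw new IllegalArgumentException(
                    "Key size must be an integer number of bits: " + modulus, ex);
        }
        if (keySize < MIN_RECOMMENDED_KEY_SIZE) {
            // Warn rather than reject: smaller keys may still be wanted for throw-away tests.
            System.err.println("WARNING: " + keySize + "-bit RSA keys are below the "
                    + MIN_RECOMMENDED_KEY_SIZE + "-bit minimum commonly recommended for signing");
        }

        KeyPair keyPair = generateKeyPair(keySize);
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        if (!(privateKey instanceof RSAPrivateCrtKey)) {
            // The CRT members (p, q, dp, dq, qi) are only available on a CRT key.
            throw new IllegalStateException("Unable to generate RSA key");
        }

        String jwks = buildJwks(kid, publicKey, (RSAPrivateCrtKey) privateKey);
        writeOwnerOnly(Paths.get(OUTPUT_FILE), jwks);
    }

    /** Creates an RSA key pair of the given size, wrapping any provider failure. */
    private static KeyPair generateKeyPair(int keySize) {
        try {
            KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
            generator.initialize(keySize);
            return generator.generateKeyPair();
        } catch (GeneralSecurityException | RuntimeException ex) {
            throw new IllegalStateException(
                    "Unable to generate RSA key pair of " + keySize + " bits", ex);
        }
    }

    /** Serialises the key pair as a one-element JWK Set, members in a fixed order. */
    private static String buildJwks(
            String kid, RSAPublicKey publicKey, RSAPrivateCrtKey privateKey) {
        StringBuilder json = new StringBuilder("{\"keys\":[{");
        appendMember(json, "e", toBase64UrlUInt(publicKey.getPublicExponent())).append(',');
        appendMember(json, "kty", "RSA").append(',');
        appendMember(json, "n", toBase64UrlUInt(publicKey.getModulus())).append(',');
        appendMember(json, "d", toBase64UrlUInt(privateKey.getPrivateExponent())).append(',');
        appendMember(json, "p", toBase64UrlUInt(privateKey.getPrimeP())).append(',');
        appendMember(json, "q", toBase64UrlUInt(privateKey.getPrimeQ())).append(',');
        appendMember(json, "dp", toBase64UrlUInt(privateKey.getPrimeExponentP())).append(',');
        appendMember(json, "dq", toBase64UrlUInt(privateKey.getPrimeExponentQ())).append(',');
        appendMember(json, "qi", toBase64UrlUInt(privateKey.getCrtCoefficient())).append(',');
        // kid comes from the command line, so it is the only value that needs JSON escaping.
        appendMember(json, "kid", escapeJson(kid));
        return json.append("}]}").toString();
    }

    /** Appends {@code "name":"value"} to {@code json}; the value must already be JSON-safe. */
    private static StringBuilder appendMember(StringBuilder json, String name, String value) {
        return json.append('"').append(name).append("\":\"").append(value).append('"');
    }

    /**
     * Encodes a non-negative integer as Base64urlUInt (RFC 7518, section 2): the minimal
     * big-endian unsigned octet sequence, base64url-encoded without padding.
     *
     * <p>{@link BigInteger#toByteArray()} is two's complement, so it prepends a zero sign octet
     * whenever the top bit is set (always the case for an RSA modulus); that octet is dropped.
     * Package-private so it can be unit-tested.
     *
     * @param value the integer to encode, must not be negative
     * @return the unpadded base64url text; zero encodes as {@code "AA"}
     * @throws IllegalArgumentException if {@code value} is negative
     */
    static String toBase64UrlUInt(BigInteger value) {
        if (value.signum() < 0) {
            throw new IllegalArgumentException("Base64urlUInt cannot encode a negative value");
        }
        byte[] twosComplement = value.toByteArray();
        int start = 0;
        // Keep at least one octet so that zero is still encoded.
        while (start < twosComplement.length - 1 && twosComplement[start] == 0) {
            start++;
        }
        byte[] unsigned = Arrays.copyOfRange(twosComplement, start, twosComplement.length);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(unsigned);
    }

    /**
     * Escapes text for use inside a JSON string literal: double quote, backslash and control
     * characters below 0x20 (the latter as six-character hexadecimal escapes).
     * Package-private so it can be unit-tested.
     *
     * @param text the raw text
     * @return the escaped text, without surrounding quotes
     */
    static String escapeJson(String text) {
        StringBuilder out = new StringBuilder(text.length() + 8);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            if (c == '"') {
                out.append("\\\"");
            } else if (c == '\\') {
                out.append("\\\\");
            } else if (c < 0x20) {
                out.append(String.format("\\u%04x", (int) c));
            } else {
                out.append(c);
            }
        }
        return out.toString();
    }

    /**
     * Writes {@code content} to {@code path} as UTF-8, replacing any previous content.
     *
     * <p>On file systems with POSIX permissions the file is restricted to its owner
     * ({@code rw-------}) before the private key is written. Elsewhere (for example the default
     * Windows file system) the platform's default access control applies and should be
     * tightened by the operator.
     */
    private static void writeOwnerOnly(Path path, String content) throws IOException {
        boolean posix = FileSystems.getDefault().supportedFileAttributeViews().contains("posix");
        if (posix) {
            Set<PosixFilePermission> ownerOnly = PosixFilePermissions.fromString("rw-------");
            if (Files.notExists(path)) {
                Files.createFile(path, PosixFilePermissions.asFileAttribute(ownerOnly));
            } else {
                Files.setPosixFilePermissions(path, ownerOnly);
            }
        }
        // try-with-resources closes the writer even when write() fails.
        try (BufferedWriter writer = Files.newBufferedWriter(path, StandardCharsets.UTF_8)) {
            writer.write(content);
        }
    }
}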