use of java.security.SignatureException in project OpenAttestation by OpenAttestation.
the class Diagnostic method trySignature.
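/**
 * Diagnostic self-test: asks the "BC" provider for an RSA key pair and a SHA-1/RSA
 * signature over a fixed message, then prints the signature length to stdout.
 *
 * <p>Nothing is returned or thrown. Each expected failure (missing provider, missing
 * algorithm, unusable key, signing error) is reported on stderr instead.
 *
 * <p>NOTE(review): SHA-1 is no longer considered collision-resistant. This method only
 * probes whether the provider offers the algorithm; it should not be read as a
 * recommendation to sign real data with it.
 */
private static void trySignature() {
    // Exactly the name handed to Signature.getInstance below, so that the failure message
    // names the algorithm that was actually requested.
    String algorithmName = "SHA1withRSAEncryption";
    try {
        // Generate a key pair. There is no initialize() call, so the key size is whatever
        // the provider defaults to.
        // May throw NoSuchAlgorithmException, NoSuchProviderException.
        KeyPair keyPair = KeyPairGenerator.getInstance("RSA", "BC").generateKeyPair();
        PrivateKey privateKey = keyPair.getPrivate();
        String plaintext = "This is the message being signed";
        // Obtain the signature engine.
        // May throw NoSuchAlgorithmException, NoSuchProviderException.
        Signature instance = Signature.getInstance(algorithmName, "BC");
        // May throw InvalidKeyException.
        instance.initSign(privateKey);
        // May throw SignatureException. The charset is explicit so the signed bytes do not
        // depend on the platform default encoding.
        instance.update(plaintext.getBytes(java.nio.charset.Charset.forName("UTF-8")));
        byte[] signature = instance.sign();
        System.out.println("Generated SHA1 with RSA signature of length: " + signature.length);
    } catch (NoSuchProviderException e) {
        System.err.println("Cannot use provider: BC: " + e.toString());
    } catch (NoSuchAlgorithmException e) {
        // This can also originate from the "RSA" key pair generator lookup; the appended
        // exception text identifies which lookup failed.
        System.err.println("Cannot use algorithm: " + algorithmName + ": " + e.toString());
    } catch (InvalidKeyException e) {
        System.err.println("Cannot use key: " + e.toString());
    } catch (SignatureException e) {
        System.err.println("Cannot generate signature: " + e.toString());
    }
}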
use of java.security.SignatureException in project SeriesGuide by UweTrottmann.
the class Security method verify.
/**
 * Checks a server-supplied signature against the signed data using the given public key.
 *
 * <p>The method fails closed: a mismatching signature, an undecodable Base64 signature,
 * an unusable key and an unavailable algorithm all yield {@code false}, and each is logged.
 *
 * <p>NOTE(review): {@code signedData.getBytes()} uses the platform default charset, so the
 * signer is presumably expected to have signed the same byte encoding. Confirm.
 *
 * @param publicKey public key associated with the developer account
 * @param signedData signed data from server
 * @param signature server signature, Base64-encoded
 * @return {@code true} only if the signature verifies over {@code signedData}
 */
public static boolean verify(PublicKey publicKey, String signedData, String signature) {
    try {
        final Signature verifier = Signature.getInstance(SIGNATURE_ALGORITHM);
        verifier.initVerify(publicKey);
        verifier.update(signedData.getBytes());
        final boolean signatureMatches = verifier.verify(Base64.decode(signature));
        if (signatureMatches) {
            return true;
        }
        // The signature decoded correctly but does not match the data.
        Timber.e("Signature verification failed.");
        return false;
    } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException | Base64DecoderException e) {
        // Verification could not be carried out at all; treat it as a failed check.
        Timber.e(e, "Signature verification aborted.");
        return false;
    }
}
use of java.security.SignatureException in project walle by Meituan-Dianping.
the class V2SchemeSigner method generateApkSigningBlock.
/**
 * Signs the provided APK using APK Signature Scheme v2 and returns the APK Signing Block
 * containing the signature.
 *
 * <p>The content digests are computed over three sections: the data before the Central
 * Directory, the Central Directory, and a copy of the End of Central Directory record whose
 * Central Directory offset field has been rewritten to {@code beforeCentralDir.size()}.
 *
 * @param beforeCentralDir APK data preceding the Central Directory; its size is used as the
 *        offset at which the APK Signing Block will start
 * @param centralDir the Central Directory section, digested as provided
 * @param eocd the ZIP End of Central Directory record; it is copied, not modified in place
 * @param signerConfigs signer configurations, one for each signer. At least one signer config
 *        must be provided.
 * @return the signing block built by the two-argument overload from the signer configs and
 *         the computed content digests
 *
 * @throws IllegalArgumentException if {@code signerConfigs} is empty
 * @throws IOException if an I/O error occurs
 * @throws InvalidKeyException if a signing key is not suitable for this signature scheme or
 *         cannot be used in general
 * @throws SignatureException if an error occurs when computing digests or generating
 *         signatures
 */
public static byte[] generateApkSigningBlock(DataSource beforeCentralDir, DataSource centralDir, DataSource eocd, List<SignerConfig> signerConfigs) throws IOException, InvalidKeyException, SignatureException {
    if (signerConfigs.isEmpty()) {
        throw new IllegalArgumentException("No signer configs provided. At least one is required");
    }

    // Collect every content digest algorithm required by any signer's signature algorithms.
    final Set<ContentDigestAlgorithm> requiredDigests = new HashSet<>(1);
    for (SignerConfig config : signerConfigs) {
        for (SignatureAlgorithm algorithm : config.signatureAlgorithms) {
            requiredDigests.add(algorithm.getContentDigestAlgorithm());
        }
    }

    // For digesting, the EOCD's Central Directory offset field must point at the position
    // where the APK Signing Block will start, i.e. right after the pre-Central-Directory data.
    final long signingBlockOffset = beforeCentralDir.size();
    // NOTE(review): the size is narrowed to int; assumes the EOCD record fits in an int.
    final ByteBuffer patchedEocd = ByteBuffer.allocate((int) eocd.size());
    patchedEocd.order(ByteOrder.LITTLE_ENDIAN);
    eocd.copyTo(0, (int) eocd.size(), patchedEocd);
    patchedEocd.flip();
    ZipUtils.setZipEocdCentralDirectoryOffset(patchedEocd, signingBlockOffset);

    // Digest the APK contents; the result maps digest algorithm -> digest bytes.
    final Map<ContentDigestAlgorithm, byte[]> digestsByAlgorithm;
    try {
        final DataSource[] sections = new DataSource[] { beforeCentralDir, centralDir, DataSources.asDataSource(patchedEocd) };
        digestsByAlgorithm = computeContentDigests(requiredDigests, sections);
    } catch (IOException e) {
        throw new IOException("Failed to read APK being signed", e);
    } catch (DigestException e) {
        throw new SignatureException("Failed to compute digests of APK", e);
    }

    // Sign the digests and wrap the signatures and signer info into an APK Signing Block.
    return generateApkSigningBlock(signerConfigs, digestsByAlgorithm);
}
use of java.security.SignatureException in project walle by Meituan-Dianping.
the class V2SchemeSigner method generateApkSignatureSchemeV2Block.
/**
 * Builds the APK Signature Scheme v2 block contents from one signer block per signer config.
 *
 * @param signerConfigs signer configurations, processed in list order
 * @param contentDigests content digests passed through to each signer block
 * @return a length-prefixed sequence containing the length-prefixed sequence of signer blocks
 * @throws InvalidKeyException if a signer's key is rejected; the message carries the
 *         1-based signer position and the original exception is kept as the cause
 * @throws SignatureException if a signer fails to sign; the message carries the 1-based
 *         signer position and the original exception is kept as the cause
 */
private static byte[] generateApkSignatureSchemeV2Block(List<SignerConfig> signerConfigs, Map<ContentDigestAlgorithm, byte[]> contentDigests) throws InvalidKeyException, SignatureException {
    // FORMAT:
    // * length-prefixed sequence of length-prefixed signer blocks.
    final List<byte[]> encodedSigners = new ArrayList<>(signerConfigs.size());
    // 1-based position of the signer currently being processed; only used in error messages.
    int position = 1;
    for (SignerConfig config : signerConfigs) {
        try {
            encodedSigners.add(generateSignerBlock(config, contentDigests));
        } catch (InvalidKeyException e) {
            throw new InvalidKeyException("Signer #" + position + " failed", e);
        } catch (SignatureException e) {
            throw new SignatureException("Signer #" + position + " failed", e);
        }
        position++;
    }
    final byte[] signersSequence = encodeAsSequenceOfLengthPrefixedElements(encodedSigners);
    return encodeAsSequenceOfLengthPrefixedElements(new byte[][] { signersSequence });
}
use of java.security.SignatureException in project walle by Meituan-Dianping.
the class V1SchemeSigner method signManifest.
/**
 * Signs the provided APK using JAR signing (aka v1 signature scheme) and returns the list of
 * JAR entries which need to be added to the APK as part of the signature.
 *
 * <p>One signature file (.SF) is generated and shared by all signers. Each signer contributes
 * that .SF entry plus a signature block entry whose extension is the upper-cased algorithm
 * name of the public key in the signer's first certificate. The manifest entry is appended
 * last.
 *
 * @param signerConfigs signer configurations, one for each signer. At least one signer config
 *        must be provided.
 * @param digestAlgorithm digest algorithm passed to the signature file generator
 * @param apkSigningSchemeIds signing scheme IDs passed to the signature file generator
 * @param manifest output manifest; its {@code contents} become the manifest entry
 * @return (entry name, entry bytes) pairs in the order described above
 *
 * @throws IllegalArgumentException if {@code signerConfigs} is empty
 * @throws InvalidKeyException if a signing key is not suitable for this signature scheme or
 *         cannot be used in general
 * @throws CertificateEncodingException if generating a signer's signature block fails with
 *         this exception; it is rethrown with the signer name in the message
 * @throws SignatureException if an error occurs when computing digests or generating
 *         signatures
 */
public static List<Pair<String, byte[]>> signManifest(List<SignerConfig> signerConfigs, DigestAlgorithm digestAlgorithm, List<Integer> apkSigningSchemeIds, OutputManifestFile manifest) throws InvalidKeyException, CertificateEncodingException, SignatureException {
    if (signerConfigs.isEmpty()) {
        throw new IllegalArgumentException("At least one signer config must be provided");
    }

    // Two entries per signer (.SF and .(RSA|DSA|EC)) plus MANIFEST.MF at the end.
    final List<Pair<String, byte[]>> entries = new ArrayList<>(2 * signerConfigs.size() + 1);
    final byte[] signatureFileBytes = generateSignatureFile(apkSigningSchemeIds, digestAlgorithm, manifest);

    for (SignerConfig config : signerConfigs) {
        final String name = config.name;
        final String failureMessage = "Failed to sign using signer \"" + name + "\"";

        final byte[] blockBytes;
        try {
            blockBytes = generateSignatureBlock(config, signatureFileBytes);
        } catch (InvalidKeyException e) {
            throw new InvalidKeyException(failureMessage, e);
        } catch (CertificateEncodingException e) {
            throw new CertificateEncodingException(failureMessage, e);
        } catch (SignatureException e) {
            throw new SignatureException(failureMessage, e);
        }

        // NOTE(review): the signer name is concatenated into the entry path without any
        // validation here; presumably it is sanitised where SignerConfig is built. Confirm.
        final String entryPrefix = "META-INF/" + name;
        entries.add(Pair.of(entryPrefix + ".SF", signatureFileBytes));

        // NOTE(review): assumes every signer config carries at least one certificate.
        final String keyAlgorithm = config.certificates.get(0).getPublicKey().getAlgorithm().toUpperCase(Locale.US);
        entries.add(Pair.of(entryPrefix + "." + keyAlgorithm, blockBytes));
    }

    entries.add(Pair.of(MANIFEST_ENTRY_NAME, manifest.contents));
    return entries;
}