Example 1 with SignatureAware

Use of com.bluenimble.platform.crypto.SignatureAware in project serverless by bluenimble.

Class DefaultSigner, method verify.

// Updated
@Override
public void verify(SecureDocument doc, CertificateAcceptor acceptor) throws SignerException {
    try {
        if (SignatureAware.class.isAssignableFrom(doc.getClass())) {
            SignatureAware signed = (SignatureAware) doc;
            byte[] signature = signed.getSignature();
            if (signature == null) {
                throw new SignerException("Signature not found in document");
            }
            Key key = signed.getKey();
            if (key == null) {
                throw new SignerException("Secret key not found in document");
            }
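            // Recompute the signature with the key carried by the document itself,
            // then compare it with the value read above.
            sign(doc, key, null);
            byte[] expected = ((SignatureAware) doc).getSignature();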
            if (!equals(signature, expected)) {
                throw new SignerException("Invalid signature");
            }
        } else {
            CMSSignedData signature = new CMSSignedData(doc.getBytes());
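            // Only the first SignerInfo in the CMS structure is examined.
            SignerInformation signer = (SignerInformation) signature.getSignerInfos().getSigners().iterator().next();
            // CertStore cs = signature.getCertificatesAndCRLs ("Collection", "BC"); //TODO : base Store returning method
            Store<?> cs = signature.getCertificates();
            Collection<?> matches = cs.getMatches(signer.getSID());
            Iterator<?> iter = matches.iterator();
            // If no certificate matches the signer ID, this loop body never runs and
            // no signature is checked before the content is accepted below.
            while (iter.hasNext()) {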
                JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
                converter.setProvider("BC");
                X509Certificate cert = converter.getCertificate((X509CertificateHolder) iter.next());
                if (acceptor != null && !acceptor.accept(cert)) {
                    throw new SignerException("Invalid Signing Certificate, Not Accepted");
                }
                if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))) {
                    throw new SignerException("Invalid signature");
                }
            }
            CMSProcessable sc = signature.getSignedContent();
            doc.setBytes((byte[]) sc.getContent());
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}
Also used: SignatureAware (com.bluenimble.platform.crypto.SignatureAware), SignerInformation (org.bouncycastle.cms.SignerInformation), JcaSimpleSignerInfoVerifierBuilder (org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder), CMSSignedData (org.bouncycastle.cms.CMSSignedData), X509Certificate (java.security.cert.X509Certificate), CMSProcessable (org.bouncycastle.cms.CMSProcessable), JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter), SignerException (com.bluenimble.platform.crypto.signer.SignerException), StringKey (com.bluenimble.platform.crypto.signer.StringKey), Key (java.security.Key), PrivateKey (java.security.PrivateKey), SecretKey (javax.crypto.SecretKey)

Example 2 with SignatureAware

Use of com.bluenimble.platform.crypto.SignatureAware in project serverless by bluenimble.

Class DefaultSigner, method signWithKey.

private void signWithKey(SecureDocument doc, SecretKey key) throws SignerException {
    try {
        byte[] signature = null;
        if (key.getAlgorithm().equals(Algorithm.HmacSHA1.getId())) {
            Mac mac = Mac.getInstance(key.getAlgorithm());
            mac.init(key);
            signature = doc.getBytes();
            if (SignatureAware.class.isAssignableFrom(doc.getClass())) {
                ((SignatureAware) doc).setSignature(Base64.encode(mac.doFinal(signature)));
            } else {
                doc.setBytes(mac.doFinal(signature));
            }
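        } else {
            // Any other algorithm name is passed to MessageDigest: the result is an
            // unkeyed hash of the document bytes, and the key material is not used.
            MessageDigest md = MessageDigest.getInstance(key.getAlgorithm());
            signature = md.digest(doc.getBytes());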
            if (SignatureAware.class.isAssignableFrom(doc.getClass())) {
                ((SignatureAware) doc).setSignature(hexEncode(signature));
            } else {
                doc.setBytes(hexEncode(signature));
            }
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}
Also used: SignatureAware (com.bluenimble.platform.crypto.SignatureAware), MessageDigest (java.security.MessageDigest), SignerException (com.bluenimble.platform.crypto.signer.SignerException), Mac (javax.crypto.Mac)

Example 3 with SignatureAware

Use of com.bluenimble.platform.crypto.SignatureAware in project serverless by bluenimble.

Class SimpleSigner, method verify.

@Override
public void verify(SecureDocument doc, CertificateAcceptor acceptor) throws SignerException {
    try {
        if (SignatureAware.class.isAssignableFrom(doc.getClass())) {
            SignatureAware signed = (SignatureAware) doc;
            byte[] signature = signed.getSignature();
            if (signature == null) {
                throw new SignerException("Signature not found in document");
            }
            Key key = signed.getKey();
            if (key == null) {
                throw new SignerException("Secret key not found in document");
            }
            sign(doc, key, null);
            byte[] expected = ((SignatureAware) doc).getSignature();
            if (!equals(signature, expected)) {
                throw new SignerException("Invalid signature");
            }
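        }
        // A document that is not SignatureAware reaches this point unchecked:
        // verify() returns without throwing.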
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}
Also used: SignatureAware (com.bluenimble.platform.crypto.SignatureAware), SignerException (com.bluenimble.platform.crypto.signer.SignerException), StringKey (com.bluenimble.platform.crypto.signer.StringKey), Key (java.security.Key), SecretKey (javax.crypto.SecretKey)

Example 4 with SignatureAware

Use of com.bluenimble.platform.crypto.SignatureAware in project serverless by bluenimble.

Class SimpleSigner, method signWithKey.

private void signWithKey(SecureDocument doc, SecretKey key) throws SignerException {
    try {
        byte[] signature = null;
        if (key.getAlgorithm().equals(Algorithm.HmacSHA1.getId())) {
            Mac mac = Mac.getInstance(key.getAlgorithm());
            mac.init(key);
            signature = doc.getBytes();
            if (SignatureAware.class.isAssignableFrom(doc.getClass())) {
                ((SignatureAware) doc).setSignature(new Base64().encode(mac.doFinal(signature)));
            } else {
                doc.setBytes(mac.doFinal(signature));
            }
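        } else {
            // Non-HMAC path: an unkeyed MessageDigest over the document bytes;
            // only the key's algorithm name is consulted.
            MessageDigest md = MessageDigest.getInstance(key.getAlgorithm());
            signature = md.digest(doc.getBytes());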
            if (SignatureAware.class.isAssignableFrom(doc.getClass())) {
                ((SignatureAware) doc).setSignature(hexEncode(signature));
            } else {
                doc.setBytes(hexEncode(signature));
            }
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}
Also used: Base64 (com.bluenimble.platform.crypto.Base64), SignatureAware (com.bluenimble.platform.crypto.SignatureAware), MessageDigest (java.security.MessageDigest), SignerException (com.bluenimble.platform.crypto.signer.SignerException), Mac (javax.crypto.Mac)

Aggregations

SignatureAware (com.bluenimble.platform.crypto.SignatureAware): 4
SignerException (com.bluenimble.platform.crypto.signer.SignerException): 4
StringKey (com.bluenimble.platform.crypto.signer.StringKey): 2
Key (java.security.Key): 2
MessageDigest (java.security.MessageDigest): 2
Mac (javax.crypto.Mac): 2
SecretKey (javax.crypto.SecretKey): 2
Base64 (com.bluenimble.platform.crypto.Base64): 1
PrivateKey (java.security.PrivateKey): 1
X509Certificate (java.security.cert.X509Certificate): 1
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter): 1
CMSProcessable (org.bouncycastle.cms.CMSProcessable): 1
CMSSignedData (org.bouncycastle.cms.CMSSignedData): 1
SignerInformation (org.bouncycastle.cms.SignerInformation): 1
JcaSimpleSignerInfoVerifierBuilder (org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder): 1