use of com.bluenimble.platform.crypto.SignatureAware in project serverless by bluenimble.
the class DefaultSigner method verify.
// Updated
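/**
 * Verifies the signature carried by {@code doc}.
 *
 * <p>Two kinds of document are handled:
 * <ul>
 *   <li>{@link SignatureAware} documents: the signature is recomputed with the key the
 *       document itself exposes and compared with the signature it presented.</li>
 *   <li>Any other document: its bytes are parsed as CMS signed data, the first signer is
 *       verified against the matching certificate(s) embedded in the message, and the
 *       document bytes are then replaced by the signed content.</li>
 * </ul>
 *
 * @param doc      the document to verify; modified in place in the CMS case
 * @param acceptor optional trust decision for the signing certificate; when {@code null}
 *                 any certificate embedded in the message is used as-is
 * @throws SignerException if the signature, key or signing certificate is missing, the
 *                         certificate is rejected, the signature does not match, or any
 *                         other failure occurs while verifying
 */
@Override
public void verify(SecureDocument doc, CertificateAcceptor acceptor) throws SignerException {
    try {
        if (doc instanceof SignatureAware) {
            SignatureAware signed = (SignatureAware) doc;
            byte[] presented = signed.getSignature();
            if (presented == null) {
                throw new SignerException("Signature not found in document");
            }
            // NOTE(review): the key is read from the document being verified, so the result
            // is only as trustworthy as whatever placed that key there; confirm callers set
            // it from local configuration and never from the received payload.
            Key key = signed.getKey();
            if (key == null) {
                throw new SignerException("Secret key not found in document");
            }
            byte[] expected;
            try {
                // sign() leaves the recomputed value in the document's signature slot.
                sign(doc, key, null);
                expected = signed.getSignature();
            } finally {
                // Put the presented signature back, so a document that fails verification
                // is not left carrying a freshly computed, valid signature.
                signed.setSignature(presented);
            }
            // Constant-time comparison: the time taken must not reveal how many leading
            // bytes of a forged signature were correct.
            if (!MessageDigest.isEqual(presented, expected)) {
                throw new SignerException("Invalid signature");
            }
        } else {
            CMSSignedData signature = new CMSSignedData(doc.getBytes());
            // Only the first signer is checked; additional signers are ignored.
            SignerInformation signer =
                    (SignerInformation) signature.getSignerInfos().getSigners().iterator().next();
            Store<?> cs = signature.getCertificates();
            Collection<?> matches = cs.getMatches(signer.getSID());

            JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
            converter.setProvider("BC");

            boolean verified = false;
            Iterator<?> iter = matches.iterator();
            while (iter.hasNext()) {
                X509Certificate cert = converter.getCertificate((X509CertificateHolder) iter.next());
                // Without an acceptor the certificate is self-asserted by the message: the
                // check below then proves integrity relative to that certificate only, not
                // who signed. Callers that need origin authentication must pass an acceptor.
                if (acceptor != null && !acceptor.accept(cert)) {
                    throw new SignerException("Invalid Signing Certificate, Not Accepted");
                }
                if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))) {
                    throw new SignerException("Invalid signature");
                }
                verified = true;
            }
            // Fail closed: with no embedded certificate matching the signer id the loop
            // never runs, and the content must not be accepted unverified.
            if (!verified) {
                throw new SignerException("Signing certificate not found in document");
            }
            CMSProcessable sc = signature.getSignedContent();
            doc.setBytes((byte[]) sc.getContent());
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}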
use of com.bluenimble.platform.crypto.SignatureAware in project serverless by bluenimble.
the class DefaultSigner method signWithKey.
/**
 * Computes a signature value over the document bytes using the algorithm named by
 * {@code key} and stores it in the document.
 *
 * <p>For HmacSHA1 keys the value is a MAC keyed with {@code key}: Base64-encoded into the
 * signature slot of a {@link SignatureAware} document, or written raw over the bytes of any
 * other document. For every other algorithm name the value is
 * {@code MessageDigest.getInstance(algorithm)} over the document bytes, hex-encoded.
 *
 * <p>NOTE(review): the digest branch never feeds key material into the computation, so the
 * stored value is an unkeyed hash that anyone holding the document can recompute. It detects
 * accidental corruption but does not authenticate the document.
 *
 * @param doc the document to sign; modified in place
 * @param key the secret key whose algorithm selects the computation
 * @throws SignerException wrapping any failure raised while computing or storing the value
 */
private void signWithKey(SecureDocument doc, SecretKey key) throws SignerException {
    try {
        final String algorithm = key.getAlgorithm();
        final boolean keyedMac = algorithm.equals(Algorithm.HmacSHA1.getId());

        if (keyedMac) {
            Mac mac = Mac.getInstance(algorithm);
            mac.init(key);
            byte[] tag = mac.doFinal(doc.getBytes());
            if (doc instanceof SignatureAware) {
                ((SignatureAware) doc).setSignature(Base64.encode(tag));
            } else {
                doc.setBytes(tag);
            }
            return;
        }

        // Any other algorithm name is treated as a message digest; the key bytes are unused.
        MessageDigest md = MessageDigest.getInstance(algorithm);
        byte[] hexDigest = hexEncode(md.digest(doc.getBytes()));
        if (doc instanceof SignatureAware) {
            ((SignatureAware) doc).setSignature(hexDigest);
        } else {
            doc.setBytes(hexDigest);
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}
use of com.bluenimble.platform.crypto.SignatureAware in project serverless by bluenimble.
the class SimpleSigner method verify.
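/**
 * Verifies the signature of a {@link SignatureAware} document by recomputing it with the key
 * the document exposes and comparing the result with the signature it presented.
 *
 * <p>NOTE(review): a document that is not {@link SignatureAware} is not checked at all and
 * this method returns normally. Callers must not treat a normal return as "verified" for
 * such documents; confirm whether rejecting them here would be the safer contract.
 *
 * @param doc      the document to verify
 * @param acceptor not used by this implementation
 * @throws SignerException if the signature or key is missing, the signature does not match,
 *                         or any other failure occurs while verifying
 */
@Override
public void verify(SecureDocument doc, CertificateAcceptor acceptor) throws SignerException {
    try {
        if (!SignatureAware.class.isAssignableFrom(doc.getClass())) {
            // Nothing this signer knows how to verify; see the NOTE in the Javadoc.
            return;
        }
        SignatureAware signed = (SignatureAware) doc;
        byte[] presented = signed.getSignature();
        if (presented == null) {
            throw new SignerException("Signature not found in document");
        }
        // NOTE(review): the key is read from the document being verified, so the result is
        // only as trustworthy as whatever placed that key there; confirm callers set it from
        // local configuration and never from the received payload.
        Key key = signed.getKey();
        if (key == null) {
            throw new SignerException("Secret key not found in document");
        }
        byte[] expected;
        try {
            // sign() leaves the recomputed value in the document's signature slot.
            sign(doc, key, null);
            expected = signed.getSignature();
        } finally {
            // Put the presented signature back, so a document that fails verification is
            // not left carrying a freshly computed, valid signature.
            signed.setSignature(presented);
        }
        // Constant-time comparison: the time taken must not reveal how many leading bytes
        // of a forged signature were correct.
        if (!MessageDigest.isEqual(presented, expected)) {
            throw new SignerException("Invalid signature");
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}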
use of com.bluenimble.platform.crypto.SignatureAware in project serverless by bluenimble.
the class SimpleSigner method signWithKey.
/**
 * Computes a signature value over the document bytes using the algorithm named by
 * {@code key} and stores it in the document.
 *
 * <p>For HmacSHA1 keys the value is a MAC keyed with {@code key}: Base64-encoded into the
 * signature slot of a {@link SignatureAware} document, or written raw over the bytes of any
 * other document. For every other algorithm name the value is
 * {@code MessageDigest.getInstance(algorithm)} over the document bytes, hex-encoded.
 *
 * <p>NOTE(review): the digest branch never feeds key material into the computation, so the
 * stored value is an unkeyed hash that anyone holding the document can recompute. It detects
 * accidental corruption but does not authenticate the document.
 *
 * @param doc the document to sign; modified in place
 * @param key the secret key whose algorithm selects the computation
 * @throws SignerException wrapping any failure raised while computing or storing the value
 */
private void signWithKey(SecureDocument doc, SecretKey key) throws SignerException {
    try {
        final String algorithm = key.getAlgorithm();
        final boolean keyedMac = algorithm.equals(Algorithm.HmacSHA1.getId());

        if (keyedMac) {
            Mac mac = Mac.getInstance(algorithm);
            mac.init(key);
            byte[] tag = mac.doFinal(doc.getBytes());
            if (doc instanceof SignatureAware) {
                ((SignatureAware) doc).setSignature(new Base64().encode(tag));
            } else {
                doc.setBytes(tag);
            }
            return;
        }

        // Any other algorithm name is treated as a message digest; the key bytes are unused.
        MessageDigest md = MessageDigest.getInstance(algorithm);
        byte[] hexDigest = hexEncode(md.digest(doc.getBytes()));
        if (doc instanceof SignatureAware) {
            ((SignatureAware) doc).setSignature(hexDigest);
        } else {
            doc.setBytes(hexDigest);
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}