use of com.bluenimble.platform.crypto.signer.SignerException in project serverless by bluenimble.
the class SignVerifyDocument method main.
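/**
 * Demo entry point: signs a short string with the private key stored in a PKCS#12 file, prints the
 * signed bytes, then verifies the result and prints the recovered content.
 *
 * <p>Verification pins the signer: the acceptor only accepts a certificate equal to the one read
 * from the local {@code .cer} file, so a signature made with any other certificate is rejected.
 *
 * <p>The keystore path, alias and password below are hard-coded sample values for this demo.
 * Production code should take them from configuration or a secret store, not from source.
 *
 * @param args unused
 */
public static void main(String[] args) throws StoreLoaderException, UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, CertificateException, SignerException, IOException {
    String password = "beesphere";
    String alias = "beesphere";
    String p12 = "beesphere.p12";
    final String cer = "beesphere.cer";

    CertificatesManager cm = new DefaultCertificatesManager();
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put(CertificatesManager.KEY_PASSWORD, password);

    // Close the keystore stream once loaded; the original left the file handle open.
    KeyStore ks;
    try (FileInputStream storeIn = new FileInputStream(p12)) {
        ks = cm.load(storeIn, properties);
    }
    PrivateKey key = (PrivateKey) ks.getKey(alias, password.toCharArray());

    X509Certificate signingCert;
    try (FileInputStream certIn = new FileInputStream(cer)) {
        signingCert = ReadX509.read(certIn);
    }

    Signer signer = new DefaultSigner();
    SecureDocument doc = new StringSecureDocument("a document to sign");
    signer.sign(doc, key, new X509Certificate[] { signingCert });
    System.out.println(new String(doc.getBytes()));

    signer.verify(doc, new CertificateAcceptor() {
        private static final long serialVersionUID = 8524753501741582177L;

        @Override
        public boolean accept(X509Certificate cert) throws SignerException {
            // Re-read the pinned certificate from disk on every call, as the original did,
            // but release the file handle afterwards.
            try (FileInputStream pinnedIn = new FileInputStream(cer)) {
                return cert.equals(ReadX509.read(pinnedIn));
            } catch (Throwable th) {
                throw new SignerException(th, th.getMessage());
            }
        }
    });
    System.out.println(new String(doc.getBytes()));
}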
use of com.bluenimble.platform.crypto.signer.SignerException in project serverless by bluenimble.
the class DefaultSigner method verify.
// Updated
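/**
 * Verifies the signature carried by {@code doc}.
 *
 * <p>For a {@link SignatureAware} document the signature is recomputed with the key stored on the
 * document and compared with the one presented. Because the key travels with the document, this
 * detects modification only when the caller controls that key independently.
 *
 * <p>For any other document the bytes are parsed as CMS signed data. The first signer's
 * certificate is looked up among the embedded certificates, offered to {@code acceptor}, and used
 * to check the signature. On success the document bytes are replaced with the signed content.
 *
 * @param doc      the document to verify
 * @param acceptor decides whether an embedded signing certificate is trusted; when {@code null},
 *                 every embedded certificate is accepted, so a valid result then proves only that
 *                 the content matches some certificate shipped with it
 * @throws SignerException if the signature is missing, is invalid, the certificate is rejected or
 *                         absent, or any underlying failure occurs
 */
@Override
public void verify(SecureDocument doc, CertificateAcceptor acceptor) throws SignerException {
    try {
        if (doc instanceof SignatureAware) {
            SignatureAware signed = (SignatureAware) doc;
            byte[] signature = signed.getSignature();
            if (signature == null) {
                throw new SignerException("Signature not found in document");
            }
            Key key = signed.getKey();
            if (key == null) {
                throw new SignerException("Secret key not found in document");
            }
            // Recompute; sign() overwrites the signature stored on the document.
            sign(doc, key, null);
            byte[] expected = signed.getSignature();
            // Constant-time comparison so timing does not reveal how many leading bytes matched.
            if (!MessageDigest.isEqual(signature, expected)) {
                // Put the presented value back; otherwise the document would keep the freshly
                // computed signature and a second verify() on the same object would pass.
                signed.setSignature(signature);
                throw new SignerException("Invalid signature");
            }
        } else {
            CMSSignedData signature = new CMSSignedData(doc.getBytes());
            // NOTE(review): only the first SignerInfo is checked; further signers are ignored.
            SignerInformation signer = (SignerInformation) signature.getSignerInfos().getSigners().iterator().next();
            Store<?> cs = signature.getCertificates();
            Collection<?> matches = cs.getMatches(signer.getSID());
            JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
            converter.setProvider("BC");
            boolean verified = false;
            for (Object holder : matches) {
                X509Certificate cert = converter.getCertificate((X509CertificateHolder) holder);
                if (acceptor != null && !acceptor.accept(cert)) {
                    throw new SignerException("Invalid Signing Certificate, Not Accepted");
                }
                if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))) {
                    throw new SignerException("Invalid signature");
                }
                verified = true;
            }
            // Fail closed: with no embedded certificate matching the signer the loop never runs,
            // and the content used to be accepted without any signature check at all.
            if (!verified) {
                throw new SignerException("Signing certificate not found in document");
            }
            CMSProcessable sc = signature.getSignedContent();
            doc.setBytes((byte[]) sc.getContent());
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}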
use of com.bluenimble.platform.crypto.signer.SignerException in project serverless by bluenimble.
the class DefaultSigner method signWithKey.
/**
 * Computes a symmetric "signature" over the document bytes and stores it on the document.
 *
 * <p>When the key's algorithm is HmacSHA1 an HMAC is computed with the key. For every other
 * algorithm name a plain {@link MessageDigest} of that name is used; the key material is not
 * involved there, so that result is an unkeyed checksum that anyone can recompute.
 *
 * <p>A {@link SignatureAware} document receives the encoded value (Base64 for the HMAC, hex for
 * the digest) as its signature. Any other document has its bytes replaced: by the raw HMAC, or by
 * the hex-encoded digest.
 *
 * @param doc the document to sign
 * @param key the secret key whose algorithm name selects the computation
 * @throws SignerException wrapping any failure
 */
private void signWithKey(SecureDocument doc, SecretKey key) throws SignerException {
    try {
        if (!key.getAlgorithm().equals(Algorithm.HmacSHA1.getId())) {
            // Unkeyed path: digest named after the key's algorithm.
            MessageDigest digester = MessageDigest.getInstance(key.getAlgorithm());
            byte[] digest = digester.digest(doc.getBytes());
            if (doc instanceof SignatureAware) {
                ((SignatureAware) doc).setSignature(hexEncode(digest));
            } else {
                doc.setBytes(hexEncode(digest));
            }
            return;
        }

        // Keyed path: HMAC over the current document bytes.
        Mac hmac = Mac.getInstance(key.getAlgorithm());
        hmac.init(key);
        byte[] content = doc.getBytes();
        if (doc instanceof SignatureAware) {
            ((SignatureAware) doc).setSignature(Base64.encode(hmac.doFinal(content)));
        } else {
            doc.setBytes(hmac.doFinal(content));
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}
use of com.bluenimble.platform.crypto.signer.SignerException in project serverless by bluenimble.
the class SimpleSigner method verify.
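/**
 * Verifies the symmetric signature carried by a {@link SignatureAware} document.
 *
 * <p>The signature is recomputed with the key stored on the document and compared with the one
 * presented. Because the key travels with the document, this detects modification only when the
 * caller controls that key independently.
 *
 * @param doc      the document to verify; must be {@link SignatureAware}
 * @param acceptor not used by this implementation
 * @throws SignerException if the document carries no signature or key, the signature does not
 *                         match, the document is of a kind that cannot be verified here, or any
 *                         underlying failure occurs
 */
@Override
public void verify(SecureDocument doc, CertificateAcceptor acceptor) throws SignerException {
    try {
        if (!(doc instanceof SignatureAware)) {
            // Fail closed: previously such a document fell through and verify() returned
            // normally without checking anything.
            throw new SignerException("Document does not carry a signature to verify");
        }
        SignatureAware signed = (SignatureAware) doc;
        byte[] signature = signed.getSignature();
        if (signature == null) {
            throw new SignerException("Signature not found in document");
        }
        Key key = signed.getKey();
        if (key == null) {
            throw new SignerException("Secret key not found in document");
        }
        // Recompute; sign() overwrites the signature stored on the document.
        sign(doc, key, null);
        byte[] expected = signed.getSignature();
        // Constant-time comparison so timing does not reveal how many leading bytes matched.
        if (!MessageDigest.isEqual(signature, expected)) {
            // Put the presented value back; otherwise the document would keep the freshly
            // computed signature and a second verify() on the same object would pass.
            signed.setSignature(signature);
            throw new SignerException("Invalid signature");
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}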
use of com.bluenimble.platform.crypto.signer.SignerException in project serverless by bluenimble.
the class SimpleSigner method signWithKey.
/**
 * Computes a symmetric "signature" over the document bytes and stores it on the document.
 *
 * <p>When the key's algorithm is HmacSHA1 an HMAC is computed with the key. For every other
 * algorithm name a plain {@link MessageDigest} of that name is used; the key material is not
 * involved there, so that result is an unkeyed checksum that anyone can recompute.
 *
 * <p>A {@link SignatureAware} document receives the encoded value (Base64 for the HMAC, hex for
 * the digest) as its signature. Any other document has its bytes replaced: by the raw HMAC, or by
 * the hex-encoded digest.
 *
 * @param doc the document to sign
 * @param key the secret key whose algorithm name selects the computation
 * @throws SignerException wrapping any failure
 */
private void signWithKey(SecureDocument doc, SecretKey key) throws SignerException {
    try {
        if (!key.getAlgorithm().equals(Algorithm.HmacSHA1.getId())) {
            // Unkeyed path: digest named after the key's algorithm.
            MessageDigest digester = MessageDigest.getInstance(key.getAlgorithm());
            byte[] digest = digester.digest(doc.getBytes());
            if (doc instanceof SignatureAware) {
                ((SignatureAware) doc).setSignature(hexEncode(digest));
            } else {
                doc.setBytes(hexEncode(digest));
            }
            return;
        }

        // Keyed path: HMAC over the current document bytes.
        Mac hmac = Mac.getInstance(key.getAlgorithm());
        hmac.init(key);
        byte[] content = doc.getBytes();
        if (doc instanceof SignatureAware) {
            ((SignatureAware) doc).setSignature(new Base64().encode(hmac.doFinal(content)));
        } else {
            doc.setBytes(hmac.doFinal(content));
        }
    } catch (Throwable th) {
        throw new SignerException(th, th.getMessage());
    }
}