Search in sources :

Example 51 with Signature

use of com.github.zhenwei.core.asn1.ocsp.Signature in project LinLong-Java by zhenwei1108.

the class EACCertificateHolder method isSignatureValid.

public boolean isSignatureValid(EACSignatureVerifier verifier) throws EACException {
    try {
        OutputStream vOut = verifier.getOutputStream();
        vOut.write(cvCertificate.getBody().getEncoded(ASN1Encoding.DER));
        vOut.close();
        return verifier.verify(cvCertificate.getSignature());
    } catch (Exception e) {
        throw new EACException("unable to process signature: " + e.getMessage(), e);
    }
}
Also used : OutputStream(java.io.OutputStream) ASN1ParsingException(com.github.zhenwei.core.asn1.ASN1ParsingException) IOException(java.io.IOException)

Example 52 with Signature

use of com.github.zhenwei.core.asn1.ocsp.Signature in project LinLong-Java by zhenwei1108.

the class EACCertificateRequestHolder method isInnerSignatureValid.

public boolean isInnerSignatureValid(EACSignatureVerifier verifier) throws EACException {
    try {
        OutputStream vOut = verifier.getOutputStream();
        vOut.write(request.getCertificateBody().getEncoded(ASN1Encoding.DER));
        vOut.close();
        return verifier.verify(request.getInnerSignature());
    } catch (Exception e) {
        throw new EACException("unable to process signature: " + e.getMessage(), e);
    }
}
Also used : OutputStream(java.io.OutputStream) ASN1ParsingException(com.github.zhenwei.core.asn1.ASN1ParsingException) IOException(java.io.IOException)

Example 53 with Signature

use of com.github.zhenwei.core.asn1.ocsp.Signature in project LinLong-Java by zhenwei1108.

the class OperatorHelper method createSignature.

Signature createSignature(AlgorithmIdentifier sigAlgId) throws GeneralSecurityException {
    String sigName = getSignatureName(sigAlgId);
    Signature sig;
    try {
        sig = helper.createSignature(sigName);
    } catch (NoSuchAlgorithmException e) {
        // 
        if (sigName.endsWith("WITHRSAANDMGF1")) {
            String signatureAlgorithm = sigName.substring(0, sigName.indexOf('W')) + "WITHRSASSA-PSS";
            sig = helper.createSignature(signatureAlgorithm);
        } else {
            throw e;
        }
    }
    if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) {
        ASN1Sequence seq = ASN1Sequence.getInstance(sigAlgId.getParameters());
        if (notDefaultPSSParams(seq)) {
            try {
                AlgorithmParameters algParams = helper.createAlgorithmParameters("PSS");
                algParams.init(seq.getEncoded());
                sig.setParameter(algParams.getParameterSpec(PSSParameterSpec.class));
            } catch (IOException e) {
                throw new GeneralSecurityException("unable to process PSS parameters: " + e.getMessage());
            }
        }
    }
    return sig;
}
Also used : ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence) PSSParameterSpec(java.security.spec.PSSParameterSpec) Signature(java.security.Signature) GeneralSecurityException(java.security.GeneralSecurityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) AlgorithmParameters(java.security.AlgorithmParameters)

Example 54 with Signature

use of com.github.zhenwei.core.asn1.ocsp.Signature in project LinLong-Java by zhenwei1108.

the class PKCS10CertificationRequest method isSignatureValid.

/**
 * Validate the signature on the PKCS10 certification request in this holder.
 *
 * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the
 *                         signature.
 * @return true if the signature is valid, false otherwise.
 * @throws PKCSException if the signature cannot be processed or is inappropriate.
 */
public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws PKCSException {
    CertificationRequestInfo requestInfo = certificationRequest.getCertificationRequestInfo();
    ContentVerifier verifier;
    try {
        verifier = verifierProvider.get(certificationRequest.getSignatureAlgorithm());
        OutputStream sOut = verifier.getOutputStream();
        sOut.write(requestInfo.getEncoded(ASN1Encoding.DER));
        sOut.close();
    } catch (Exception e) {
        throw new PKCSException("unable to process signature: " + e.getMessage(), e);
    }
    return verifier.verify(this.getSignature());
}
Also used : CertificationRequestInfo(com.github.zhenwei.core.asn1.pkcs.CertificationRequestInfo) ContentVerifier(com.github.zhenwei.pkix.operator.ContentVerifier) OutputStream(java.io.OutputStream) IOException(java.io.IOException)

Example 55 with Signature

use of com.github.zhenwei.core.asn1.ocsp.Signature in project LinLong-Java by zhenwei1108.

the class JcaContentVerifierProviderBuilder method build.

public ContentVerifierProvider build(final X509Certificate certificate) throws OperatorCreationException {
    final X509CertificateHolder certHolder;
    try {
        certHolder = new JcaX509CertificateHolder(certificate);
    } catch (CertificateEncodingException e) {
        throw new OperatorCreationException("cannot process certificate: " + e.getMessage(), e);
    }
    return new ContentVerifierProvider() {

        public boolean hasAssociatedCertificate() {
            return true;
        }

        public X509CertificateHolder getAssociatedCertificate() {
            return certHolder;
        }

        public ContentVerifier get(AlgorithmIdentifier algorithm) throws OperatorCreationException {
            if (algorithm.getAlgorithm().equals(MiscObjectIdentifiers.id_alg_composite)) {
                return createCompositeVerifier(algorithm, certificate.getPublicKey());
            } else {
                Signature sig;
                try {
                    sig = helper.createSignature(algorithm);
                    sig.initVerify(certificate.getPublicKey());
                } catch (GeneralSecurityException e) {
                    throw new OperatorCreationException("exception on setup: " + e, e);
                }
                Signature rawSig = createRawSig(algorithm, certificate.getPublicKey());
                if (rawSig != null) {
                    return new RawSigVerifier(algorithm, sig, rawSig);
                } else {
                    return new SigVerifier(algorithm, sig);
                }
            }
        }
    };
}
Also used : X509CertificateHolder(com.github.zhenwei.pkix.cert.X509CertificateHolder) JcaX509CertificateHolder(com.github.zhenwei.pkix.cert.jcajce.JcaX509CertificateHolder) Signature(java.security.Signature) GeneralSecurityException(java.security.GeneralSecurityException) CertificateEncodingException(java.security.cert.CertificateEncodingException) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) JcaX509CertificateHolder(com.github.zhenwei.pkix.cert.jcajce.JcaX509CertificateHolder) ContentVerifierProvider(com.github.zhenwei.pkix.operator.ContentVerifierProvider) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Aggregations

IOException (java.io.IOException)44 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)34 DERSequence (com.github.zhenwei.core.asn1.DERSequence)29 DERBitString (com.github.zhenwei.core.asn1.DERBitString)21 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)20 OutputStream (java.io.OutputStream)20 SignatureException (java.security.SignatureException)20 GeneralSecurityException (java.security.GeneralSecurityException)15 Signature (java.security.Signature)15 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)14 DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)14 InvalidKeyException (java.security.InvalidKeyException)13 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)13 Iterator (java.util.Iterator)13 OperatorCreationException (com.github.zhenwei.pkix.operator.OperatorCreationException)11 CertificateEncodingException (java.security.cert.CertificateEncodingException)11 NoSuchProviderException (java.security.NoSuchProviderException)10 ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)9 ASN1Sequence (com.github.zhenwei.core.asn1.ASN1Sequence)9 List (java.util.List)9